Fresh Thinking for the Modern CISO
powered by Kudelski Security
Security Advisory: WCry2 Ransomware Outbreak
wCry2 Ransomware spreading via EternalBlue (MS17-010) Update May 13 Data was coming in very quickly on Friday and while we worked to provide timely and reasonable information we know now more about what happened and how the Wana Decrypt0r 2.0 ransomware outbreak...
read more
Managing connected devices in the field or the post-market security headache
Over the past few months, numerous breaches have been reported in connected embedded devices ranging from medical devices to programmable logic controllers (PLCs). The so-called Internet of Things (IoT) is now under attack in similar ways to the rest of the IT...
read more
Don’t Let Crypto Ruin Your Day
A few years ago, a customer handed us a report from a Big 4 consulting firm describing how, after close to 100 person-hours of review, a team of ‘highly-qualified senior security engineers’ had failed to find any flaw in their encrypted communications product. Half a...
read more
API Security: Awareness in a Cloud-Connected World
Earlier this month, the Open Web Application Security Project (OWASP) published a release candidate for its well-known Top 10 list of the most critical web application vulnerabilities. In this first update since 2013, some vulnerabilities have been combined or...
read more
Finding Top Security Talent: If You Build It, They Will Come
I recently attended a meeting of likeminded Chief Information Security Officers who were discussing the challenges of their role. Conversation bounced between the need for better reporting metrics to the lack of value in threat intelligence, but one topic seemed to...
read more
A Shift in Mindset for the Modern CISO: An Investment Portfolio Approach to Cyber Program Management
In the spirit of bringing fresh perspectives to cybersecurity leadership, Kudelski Security has been reconsidering the way CISOs approach cybersecurity program management. The Investment Portfolio approach builds on the fundamentals of financial management, enabling...
read more
Kudelski Security CTO Andrew Howard featured in CSO & Infoworld
Kudelski Security chief technology officer Andrew Howard was recently featured in CSO, talking about device and software backdoors.
read more
Protecting the expanding perimeter: a Reference Architecture for Endpoint Security
Do you have full visibility on your endpoints? Are all your endpoints securely configured and managed, even when off the corporate network? Can you contain and analyze an endpoint attack, regardless of where the endpoint is? As numbers of remote workers increase,...
read more