Fresh Thinking for the Modern CISO
powered by Kudelski Security
The Cyber Pressure Model
Nearly every organization and government entity around the world has a media arm to promote its activities. Today’s terrorist organizations are no exception. Top targets such as Al-Qaeda, ISIS and Al-shabaab all have elaborate media mechanisms to promote and recruit...
read more
GDPR Compliance: 12-month Countdown to Compliance
Starting in May 2018, if you operate an enterprise or deliver services to customers in Europe – even if you are not located in Europe – your organization must be compliant with GDPR. If you decide not to comply with the requirements imposed by the legislation, the...
read more
Deception is the New Black
Concepts acquired from the military field are everywhere in cybersecurity – think defense in depth, situational awareness, intelligence, counter-intelligence... The list is long. In this post, I’m going to talk about one of them – deception – not because it’s new, but...
read more
The Might of a (Cyber) Nation!
Recently, Andrew Howard, Kudelski Security CTO was asked to comment in CSOonline on the need for a Cyber National Guard. A US congressman recently proposed the idea, citing digital security as a component of national security amidst headlines of other nations meddling...
read moreSecurity Advisory: WCry2 Ransomware Outbreak (updated)
wCry2 Ransomware spreading via EternalBlue (MS17-010) Update May 15 Attribution attempts Mid-morning (U.S time) Neel Mehta, a security researcher at Google, posted a cryptic tweet with the hashtag “#WannaCryptAttribution”: The tweet referenced hashes of...
read more
WannaCry Ransomware Webcast
The number of individuals, organizations and countries affected by the WannaCry malware attack is growing at an alarming rate. After the initial infection is executed, no user intervention at all is required for the malware to spread. As this is one of the largest...
read more
Security Advisory: WCry2 Ransomware Outbreak
wCry2 Ransomware spreading via EternalBlue (MS17-010) Update May 13 Data was coming in very quickly on Friday and while we worked to provide timely and reasonable information we know now more about what happened and how the Wana Decrypt0r 2.0 ransomware outbreak...
read more
Managing connected devices in the field or the post-market security headache
Over the past few months, numerous breaches have been reported in connected embedded devices ranging from medical devices to programmable logic controllers (PLCs). The so-called Internet of Things (IoT) is now under attack in similar ways to the rest of the IT...
read more