Fresh Thinking for the Modern CISO
powered by Kudelski SecurityChallenges of a New CISO: The First Year
The first year as a new CISO can be exhilarating and at times downright frightening. You have a lot to prove and minds to win over, but you also have the opportunity to start fresh and make a big impact. Early on, the emphasis is on learning the lay of the land of...
read moreMicrosoft Passwordless Authentication 101
Passwords have long been a daily part of our lives, but in today's modern, cloud-first world the use of passwords alone leaves us increasingly more vulnerable to compromise. Large-scale data breaches are being reported more and more frequently in the media with more...
read moreYou Suck at Office 365 Logging
One of the misconceptions about cloud services is that you have to surrender all control when you sign-up. While it is true that you may no longer have racks of servers with blinking lights humming away in your data center, it doesn’t mean that you no longer have any...
read moreTips From Over A Decade of Working Remotely
The presence of COVID-19 has led to some unprecedented times. With a large portion of the workforce now working from home, there are numerous security implications that arise. Our previous post is an extensive FAQ that covers everything you need to know about the...
read moreMicrosoft Type 1 Font Parsing Critical 0-Day Remote Code Execution Vulnerabilities
Summary On March 23rd, 2020 Microsoft publicly disclosed the existence of two critical 0-Day vulnerabilities in all recent versions of the Microsoft Windows operating system. Microsoft is aware of limited targeted attacks that leverage these 0-Day vulnerabilities and...
read moreCybersecurity Concerns with COVID-19
We are having increasing numbers of conversations with clients about cybersecurity and business continuity challenges resulting from the rapid adoption of work-from-home scenarios to combat the spread of COVID-19. Clients are interested in cybersecurity policy updates...
read moreSecurity Advisory: Microsoft Server Message Block 3 (SMBv3) Remote Code Execution Vulnerability
Updated on March 12th, 2020: to reflect that Microsoft has now made a patch for the vulnerability available. As such, we’ve updated the advisory reflects updated mitigations. Summary On March 10th, a critical Remote Code Execution (RCE)...
read more5 Ways to Up Your Threat Management Game
Good security programs start with a mindset that it's not about the tools, it's what you do with them. Here's how to get out of a reactive fire-drill mode with vulnerability management. The basis of a good security program starts with a mindset that it's not about the...
read more