Fresh Thinking for the Modern CISO

powered by Kudelski Security
  • Tips From Over A Decade of Working Remotely

    The presence of COVID-19 has led to some unprecedented times. With a large portion of the workforce now working from home, there are numerous security implications that arise. Our previous post is an extensive FAQ that covers everything you need to know about the cybersecurity concerns and how to address them. Today, we’ll dive into…

  • Microsoft Type 1 Font Parsing Critical 0-Day Remote Code Execution Vulnerabilities

    Summary: On March 23rd, 2020, Microsoft publicly disclosed the existence of two critical 0-Day vulnerabilities in all recent versions of the Microsoft Windows operating system. Microsoft is aware of limited targeted attacks that leverage these 0-Day vulnerabilities and has provided guidance on how to temporarily mitigate the exploitation of these unpatched vulnerabilities. Patches for these…

  • Cybersecurity Concerns with COVID-19

    We are having increasing numbers of conversations with clients about cybersecurity and business continuity challenges resulting from the rapid adoption of work-from-home scenarios to combat the spread of COVID-19. Clients are interested in cybersecurity policy updates to improve remote access, and asking for increased employee education around BYOD security, secure WiFi use, basic security hygiene,…

  • Security Advisory: Microsoft Server Message Block 3 (SMBv3) Remote Code Execution Vulnerability

    Updated on March 12th, 2020 to reflect that Microsoft has now made a patch for the vulnerability available. As such, we’ve updated the advisory to reflect updated mitigations. Summary: On March 10th, a critical Remote Code Execution (RCE) vulnerability in the Microsoft Server Message Block (SMBv3) protocol was inadvertently disclosed. The vulnerability, known as CVE-2020-0796, is caused by how newer Windows operating systems handle certain requests, specifically compressed SMBv3 packets. Microsoft intended to release a patch for this…

  • 5 Ways to Up Your Threat Management Game

    Good security programs start with a mindset that it’s not about the tools, it’s what you do with them. Here’s how to get out of a reactive fire-drill mode with vulnerability management. The basis of a good security program starts with a mindset that it’s not about the tools, it’s what you do with them….

  • Global Cybersecurity Outlook: Andre Kudelski at World Economic Forum

    The annual cost of cyberattacks is expected to reach $6 trillion by 2021. What trends will shape cybersecurity in the near future? On the Forum Agenda: – Threats and opportunities for emerging technologies – New models of public-private information exchange – Improving organizational management and talent development Access the Platform for Shaping the Future of…

  • This is Not Another 2020 CISO Trends Piece

    Microsoft Chief Security Advisor and former Coca-Cola Company CISO, Jim Eckart, spoke at Kudelski Security’s Sales Kick Off in January. Below is a summary of his presentation. Every new year brings a glut of articles on industry predictions and with it, inevitable questions from the board about how the CISO will address (all 42 of)…

  • Cybercrime: Power Grid Security Becomes Vital

    Kudelski is positioning itself in critical infrastructure security as the Swiss Confederation studies the vulnerability of the electrical system. Cybersecurity is at the heart of the controversy pitting the Chinese company Huawei against the US administration over the deployment of 5G. The question will inevitably arise soon for the infrastructure of the networks…
