All Articles

There are many approaches to conduct a strategic cybersecurity risks assessment.  This is one of my favorite ways, using a Threat Agent Risk Assessment (TARA) methodology. 

This paper was authored by Tim Casey, David Houlding, and I while we were at I

Incident Lifecycle Management : Threat Management - NIST Aligned Process

Incident Lifecycle Management (ILM) refers to the systematic process of handling and managing security incidents within an organization. It involves the entire lifecycle of a

We are excited for the next ‘Best Of The World’ Session On "What's Hot For State CISOs In 2023?" by Dan Lohrmann (Field CISO, Presidio), Danielle Cox (CISO, West Virginia) & Michael Gregg (CISO, North Dakota)

The 'Best Of The World' Series features

Ever wonder what kinds of things happen when good-intentioned people try to manage cybersecurity?  Well, in this case, a High School in Illinois responded to a system error by resetting every student’s password and then communicating it to all the pa

This webinar covers popular IaaS/PaaS attack vectors, list them, and map to other relevant projects such as STRIDE & MITRE. Security professionals can better understand what are the common attack vectors that are utilized in attacks, examples for pre

Overview of Incident Response

Incident response is a critical aspect of any organization's cybersecurity strategy. When a security incident occurs, it is crucial to have a well-defined plan in place to handle the situation effectively. This blog pos

We are excited for the next ‘Best Of The World’ Session On "Understanding Cloud Attack Vectors" by Moshe Ferber (Cloud Security Expert, Frequent Speaker at Defcon, Blackhat, RSAC APJ)

The 'Best Of The World' Series features the world's best securit

Hackers are exploiting an un-patchable vulnerability (CVE-2023–2868) in Barracuda Email Security Gateway appliances. Barracuda has announced that customers should discontinue using the email security product or upgrade. Hackers are using multiple typ

In this Cybersecurity Vault episode, I talk with Roger Sels about cybersecurity resource efficiency and maximizing value. Roger is a longtime cybersecurity executive and co-founder of a startup that is focused on helping CISOs identify opportunities

This webinar covers various aspects, including the rise in cyber security incidents, identification of vulnerabilities and loopholes, effective prevention strategies, mitigation techniques, and more. It aims to provide a comprehensive understanding o

We are excited for the next ‘Best Of The World’ Session On "How To Create Scalable And Sustainable Cybersecurity Program For Any Size Organization" by Gordon Rudd, (Ex-CISO RCB Bank | Author | Coach)

The 'Best Of The World' Series features the worl

Over 18 years, RSAC Innovation Sandbox contest brings cybersecurity's new innovators to put the spotlight on their potentially game-changing ideas. Each year, 10 finalists grab the spotlight for a three-minute pitch while demonstrating groundbreaking

We had a community webinar on "From Chaos To Control : Lessons Learned From The Ransomware Attack". We discussed the importance of cybersecurity and the growing threat of ransomware attacks. Described the specific incident we experienced, highlightin

We are excited for the next ‘Best Of The World’ Session On "Impacts of Web3 on Cybersecurity : Cyber Security Incidents; Loopholes; Prevention; Mitigation & More" by Gregory Pickett (Blackhat USA Speaker, CISSP, GCIA, GPEN, Head of Cybersecurity Oper