Cybersecurity topics and trends all too often wind up in a convoluted and confusing mess. In Netsurion’s Cybersecurity Q&A video series, our experts unpack common questions so you can be more confident and in control when it comes to securing your IT infrastructure.

thumb security controls

Why do security controls fail regularly?

Focusing on security controls without consideration for real-world behavior makes the job of securing your organization more difficult. Check out this video to learn how releasing a bit of control can actually strengthen your security.

thumb workstation logs

Are workstation logs worth monitoring?

Monitoring firewall and server logs is critical for your organization’s security, but monitoring workstation logs is often overlooked. Watch this video to find out how monitoring workstations boosts your overall security posture.

thumb soft target

Are you a soft target?

If you’re entirely dependent on prevention and have 100% faith that your defenses will catch absolutely everything, then you might be a soft target. Check out this video to discover the state of repeat attacks in 2023, the top attack vectors, and the secret to avoid becoming a soft target.

thumb silver bullet

Is there a silver bullet for threat detection?

Threats and attack vectors vary greatly, and there’s no one-size-fits-all solution for detecting threats. If only it were that easy. Check out our latest video for a multi-faceted approach to security and uncover that while there’s no silver bullet, there is a silver lining.

thumb ransom intro

Introduction to Ransomware Deconstructed

Netsurion’s Chief Strategy Officer and co-creator of our Open XDR platform, A.N. Ananth, provides expert insight into the topic of ransomware. Topics in this Ransomware Deconstructed video series include: what is ransomware and why has it exploded in recent years, what is the lifecycle of a ransomware attack, types of prevalent ransomware, who is attacking, and more. Join us and uncover details about ransomware.

ransomware exploded 1

Why has ransomware exploded?

Ransomware has been around in some form or fashion for more than three decades but only recently became prevalent in terms of widespread cybercrime usage. Ransomware alone makes up nearly a quarter of all malware incidents. So, what’s the cause for the increased popularity of ransomware? Watch this short video to find out the simple answer.

ransomware lifecycle

What is the lifecycle of a ransomware incident?

Understanding the stages of a ransomware attack is key to knowing how to defend against it. Watch this video to review the lifecycle of ransomware incidents from target identification to encoding/encryption of your environment so you are better prepared for detection and quick response in the event your organization becomes a target.

ransomware prevalent

What types of ransomware are prevalent?

Multitudes of ransomware packages are available for those with malicious intent who wish to search them out and find them. However, types of ransomware can really be broken down into 3 broad categories in use today. Check out this video to learn what these three categories are and how each works so you can be better prepared in the event of an incident.

ransomware attack

Who attacks using ransomware?

Who attacks using ransomware? The easy answer is a hacker of course. In the past, threat actors tended to be part of either a criminal gang or a state-sponsored group. However, a third type of threat actor has emerged that is more business-minded and risk-averse than their predecessors. Check out this video to find out the answer to who attacks using ransomware.

ransomware policy

What policies are used in responding to ransomware?

There are differing mindsets when it comes to responding to a ransomware incident. Some take a hard-nosed approach and refuse to pay out in the event of a ransomware incident. Others may be more willing to negotiate in certain circumstances. Each organization and levels of security will differ, so there isn’t a blanket policy across the board. Check out this video for ideas on what must be in place for each type of response to ransomware.

ransomware roles

What are the key roles in responding to ransomware? 

In the event of a ransomware incident, does your organization have the people in place to fill the key roles needed? This is not just an IT effort, it requires incident response, legal minds, public relations, cyber insurance providers, and more. This video is a must-watch if you’re unsure you have the policies and staff in place to tackle ransomware.

ransomware defense

What constitutes an effective defense against ransomware?

Now that we’ve reviewed the ins and outs of ransomware, it’s time to ensure you’re defended in the event of an incident. Unfortunately, there’s not a silver bullet solution that alone covers you against ransomware attacks. However, a proactive and layered approach to security will limit the chances of an event occurring. Check out this video to learn more about defense-in-depth coverage for your organization.

risk appetite

What is risk appetite?

What exactly is risk appetite and do you know what yours is? Watch this video for insights into the significance of understanding risk appetite, effective IT-business communication across your organization, and defining acceptable risk levels for business objectives.

vulnerability scanning

Vulnerability Scanning – How can you enhance the value of scanning?

Vulnerability scanning is critical, but automated scans are typically of low value and CVSS scores alone are insufficient for determining remediation priority. So what can be done about this? How can you determine which vulnerabilities truly matter? Watch this video to find out.

true false

True/False – Disabling word macros is enough

Several misconceptions abound when it comes to securing Microsoft Word. Most often heard is that disabling macros and using Protected View keeps you perfectly safe. After all, Microsoft Word files are just documents and not software to be exploited, right? Watch this video to find out the truth of the matter.

myth

Myth – Cybersecurity is a cost center

Is communicating the value of cybersecurity to the C-suite and the board a consistent struggle? You’re not alone as many professionals meet resistance when requesting additional budget or resources. But cybersecurity is not just a cost center. Watch this video to learn how to change the perception of cybersecurity in your organization and demonstrate its strategic value and impact.

malware name

Malware names – Where do they come from?

Have you ever wondered where malware names come from? Explore the origins and meanings of some of the most notorious malware names, how they reflect the creativity and diversity of the cyberthreat landscape, and some of the challenges and efforts to standardize malware naming and classification.

shared responsibilities

Why adopt the shared responsibility model in your SecOps?

A shared responsibility model helps reduce potential gaps in security coverage for organizations by clearly defining security processes, roles, and responsibilities. But there isn’t a one-size-fits-all approach and the model can break down. So what’s the answer for modern co-managed cybersecurity?

threat hunter

5 habits of highly effective threat hunters

What is threat hunting and how does proactive threat hunting differ from traditional threat response efforts? Watch this video to find out and learn 5 habits to level up your cyber defense strategy by isolating advanced threats that evade traditional security solutions.

thumb anatomy

Anatomy of a modern attack

Delve into the various routes threat actors take to gain unauthorized access to an organization and navigate compromised environments to achieve their objectives – including the attack methods typically utilized, the potential impact they can have, and what steps can be taken to prevent them.

thumb zero trust

What is zero trust architecture?

What is zero trust architecture? Why has it grown in popularity? How has this changed the way we allow users to access Networks and Resources and what are the differences we now see between traditional architecture and zero trust?

diy siem

DIY SIEM vs. Managed XDR

Discover how to relieve the frustration from a Do-it-Yourself SIEM by implementing Managed XDR services.

too small

Too small to be hacked?

Don’t believe the fallacy that SMB businesses are too small to be hacked. Watch this short video to find out why they can actually be prime targets – and how you can protect yourself.

improve security thumb

What security improvements can I make to help my security team?

Did you know there are a number of steps you can take to improve security and help out your security team? Budget is always an issue, and security is a cost center. What can be done to assist your team in keeping your company safe? Watch this quick video to learn a few tips around cleaning up data, managing access, standardizing technology, and more.

aws account safety thumb

What are the five worst practices for AWS account safety?

When an AWS account experiences a security breach, we generally see that the reason for the breach is similar to the reasons we saw for on-premise breaches in the past. In this video, Chief Strategy Officer for Netsurion, A.N. Ananth explores the worst practices to avoid to help your company stop breaches before they occur.

What are the cybersecurity trends we can expect in 2023?

A.N. Ananth, Chief Strategy Officer at Netsurion, discusses 7 top trends that he sees leading the way in 2023. From an even more accelerated shift to hybrid work and the cloud, to ransomware attacks on operational tech and beyond, make sure you are prepared for a new year of cyber threats and defense despite the skill shortage of security pros.

email mdr services

What are the different types of MDR service providers?

Managed Detection & Response (MDR) is all the rage, and countless vendors have shown up that tout brilliant, low-effort outcomes. Buyers must look under the covers to determine what is really provided in their services, if it is in-house or provided by a partner, and if 24/7 support really means 24/7. In this video, Netsurion reviews the types of providers, and what the pros and cons are for each.

optimize small team thumb

How to optimize a small IT security team?

Cybersecurity is an arms race. And the average business has a small, thinly stretched infosec team. Couple that with a global cybersecurity talent shortage, what can you do optimize your cybersecurity outcomes?

thumb what xdr

What is XDR?

What exactly is XDR? To understand that we need to review the security journey that has transpired over the past 10-15 years. What started with AntiVirus to protect against malware evolved into Endpoint Detection & Response (EDR)/Managed Detection & Response (MDR) and now Extended Detection & Response (XDR). XDR represents the next generation of IT security and extends the scope of MDR beyond the endpoint in order to remove blind spots. 

thumb native xdr

What is the difference between Open & Native XDR?

How do you remove blind spots from siloed security tools? What is the difference between Open & Native XDR?

email soc cost

How much does it cost to operate and setup a 24×7 SOC?

What functions are covered by a modern SOC? What do you need for a fully effective SOC? What are your alternatives?

sec team size thumb

What size security team do I need?

What size security team do I need to protect against ransomware? What tasks will I need them to perform?

soc matter thumb

Does SOC location matter?

Does the location of the physical SOC matter? How does the location of the security data differ, and why does that matter?

log siem thumb

What’s the difference between log management and SIEM?

What is the difference between Log Management and SIEM? Why are both relevant and critical to IT security, compliance, and even operational efficiency?