Cybersecurity Insights - Articles, Whitepapers, Reports, more

Cyber threats like compromised credentials, social engineering, unpatched software, misconfigured cloud apps, and MFA hijacking are on the rise. Prioritizing…

VIDEOS

Are You a Soft Target?

Discover 2023’s repeat attacks, top vectors, and staying secure. Don’t be a soft target! Watch the video.

VIDEOS

Is There a Silver Bullet for Threat Detection?

Diverse threats, no one-size-fits-all solution. Watch our video for a multi-faceted security approach, no silver bullet, but a silver lining.

WHITEPAPERS

Which SOC Model is Best?

Every business–no matter its size–is a bullseye for cyber criminals. Data breaches cost an average of $4.45 million globally, according…

ARTICLES

Netsurion Named a Top MSSP for 5th Year in a Row

Netsurion named a top Managed Security Service Provider for the 5th year in a row on MSSP Alert’s 2023 Top…

VIDEOS

What is Risk Appetite?

What exactly is risk appetite and do you know what yours is? Watch this video for insights into the significance…

VIDEOS

How Can You Enhance the Value of Vulnerability Scanning?

Vulnerability scanning is critical, but automated scans are typically of low value and CVSS scores alone are insufficient for determining…

VIDEOS

True/False – Disabling Word Macros is Enough

Several misconceptions abound when it comes to securing Microsoft Word. Most often heard is that disabling macros and using Protected…

VIDEOS

What is Dharma Ransomware and How Does It Work?

Delve into the step-by-step tactics of Dharma ransomware from the Crysis family to uncover how it infiltrates high-value networks, evades…

ARTICLES

8 Essential Skills for Modern Cybersecurity Professionals

Explore the vital skills needed in cybersecurity to safeguard data, networks, and systems amidst evolving threats. Prepare for the rewarding…

VIDEOS

Myth – Cybersecurity is a Cost Center

Is communicating the value of cybersecurity to the C-suite and the board a consistent struggle? You’re not alone as many…

ARTICLES

5 Pitfalls in Cloud Cybersecurity Shared Responsibility Model

Discover the shared responsibility model for cloud security and avoid common pitfalls. Learn how to secure your data, understand your…

ARTICLES

MSPs: How to Deliver Best-Fit Cybersecurity for Every Client

Deliver right-sized cybersecurity to your clients with the expertise of Managed Service Providers. Learn how to address their unique needs…

VIDEOS

Malware Names – Where Do They Come From?

Have you ever wondered where malware names come from? Explore the origins and meanings of some of the most notorious…

VIDEOS

Powerful, Flexible, Simple Cybersecurity – Can You Have It All?

Creating a cost-effective cybersecurity service to meet the needs of all customers, from simple to complex networks, is difficult. MSPs…

VIDEOS

What is Mimikatz and How Can You Protect Against It?

Mimikatz is a decryption tool that exploits a known Microsoft Windows authentication vulnerability and has been packaged in various malicious…

ARTICLES

Malware’s Crazy Names: Where Do They Come From?

Discover the intriguing world of malware naming madness. Uncover the secrets behind the origins of malware names like Heartbleed, Melissa,…

VIDEOS

Why Adopt the Shared Responsibility Model in Your SecOps?

A shared responsibility model helps reduce potential gaps in security coverage for organizations by clearly defining security processes, roles, and…

VIDEOS

5 Habits of Highly Effective Threat Hunters

What is threat hunting and how does proactive threat hunting differ from traditional threat response efforts? Watch this video to…

VIDEOS

Anatomy of a Modern Attack

Delve into the various routes threat actors take to gain unauthorized access to an organization and navigate compromised environments to…

VIDEOS

CyberEdge’s 2023: Threat Defense Report – Key Insights You Need to Know

This webinar is on the Key Insights from CyberEdge’s 2023 Cyberthreat Defense Report (CDR). As the standard for assessing organizations’…

TOOLS

Cybersecurity Maturity Model Assessment

Use this cybersecurity maturity model assessment to see where you stack up against cyber threats and get a roadmap to…

ARTICLES

Align Your Cybersecurity Posture to Your Cyber-Risk Tolerance

Your business’s IT network is constantly connected to the Internet, includes countless SaaS applications and API connections, and is accessed…

VIDEOS

What is Zero Trust Architecture?

What is zero trust architecture? Why has it grown in popularity? How has this changed the way we allow users…

VIDEOS

DIY SIEM vs. Managed XDR

Discover how to relieve the frustration from a Do-it-Yourself SIEM by implementing Managed XDR services.

INFOGRAPHICS

2023 Cyberthreat Defense Report Infographic

CyberEdge’s 2023 Cyberthreat Defense Report (CDR) has become the standard for assessing organizations’ security posture, for gauging perceptions of IT…

VIDEOS

Too small to be Hacked?

Don’t believe the fallacy that SMB businesses are too small to be hacked. Watch this short video to find out…

CASE STUDIES

Cybersecurity and Compliance for Altamaha Bank & Trust

Cybersecurity and Compliance for Altamaha Bank & Trust A community bank with $ 150 million in assets services customers with…

CASE STUDIES

Cybersecurity for IT Managed Service Provider (MSP)

Cybersecurity for IT Managed Service Provider (MSP) With more than 35 years in the business, this Managed Service Provider (MSP)…

ARTICLES

Navigating Your Managed Cybersecurity Options

If you’re aiming to improve your organization’s threat detection and incident response (TDIR) capabilities, I’m willing to bet you’re annoyed…

VIDEOS

MSPs Delivering Better Faster Incident Response

In this episode of the Partnering for Cybersecurity Success webinar series, we talk about the common struggles with cybersecurity incident…

WHITEPAPERS

Managed SIEM Buyer’s Guide

Cybersecurity experts recognize that a managed SIEM can effectively perform the heavy lifting of log aggregation, security analytics, and threat…

VIDEOS

What Security Improvements Can I Make to Help my Security Team?

Did you know there are a number of steps you can take to improve security and help out your security…

VIDEOS

What is Kovter and How can it be Prevented?

Kovter is malware that has evolved over time and is most recently known for click fraud. It is a malicious,…

INFOGRAPHICS

What to Expect from Your SOC-as-a-Service

Are you experiencing a shrinking IT budget and a shortage of cybersecurity experts? Building and retaining a 24/7 SOC team…

INFOGRAPHICS

Today’s Cybersecurity Isn’t as Secure as You Think

Today’s Cybersecurity Isn’t as Secure as You Think Companies try to prevent attackers from getting into their systems with the…

INFOGRAPHICS

How SMBs are Dealing with Cybersecurity Threats in 2019?

How SMBs are Dealing with Cybersecurity Threats in 2019? Small and medium-size (SMBs) have been the target of cyber attacks…

INFOGRAPHICS

Protecting MSPs from Cyber Attacks

Protecting MSPs from Cyber Attacks View insights on why Managed Service Providers (MSPs) are being targeted by adversaries so you…

INFOGRAPHICS

SMB Cyber Risk Today

SMB Cyber Risk Today Protecting a business’ IT infrastructure and data can be difficult with the abundance of threats out…

INFOGRAPHICS

Technology is Just The Tip of The Iceberg

Technology is Just The Tip of The Iceberg SIEM (Security Information and Event Management) is foundational along with other technologies.…

INFOGRAPHICS

The Cost of Doing Nothing

The Cost of Doing Nothing The cost of doing nothing can be greater than the cost of protecting your business.

INFOGRAPHICS

October is National Cybersecurity Awareness Month

Being “cyber secure” is not for the faint of heart. As part of National Cybersecurity Awareness Month, we are counting…

VIDEOS

What Are the Five Worst Practices for AWS Account Safety?

When an AWS account experiences a security breach, we generally see that the reason for the breach is similar to…

CASE STUDIES

SOC-as-a-Service for Business Information Solutions

SOC-as-a-Service for Business Information Solutions Business Information Solutions (BIS) is a full-service IT support company specializing in comprehensive IT solutions…

CASE STUDIES

Co-managed SIEM for an Insurance Company

Co-managed SIEM for an Insurance Company This U.S. based insurance company has 55+ years of experience supporting agents and clients…

ARTICLES

Incident Response: Whose Job is It?

Effective Incident Response (IR) always involves the IT security professionals who know their business and cybersecurity posture best. But whose…

VIDEOS

What is Cobalt Strike and How Does It Work?

What is Cobalt Strike and how does it work? Cobalt strike is a weaponized software that deploys a difficult-to-detect beacon…

ARTICLES

Six Proactive Steps to Expand Attack Surface Coverage

Organizations use 40+ products and IT tools on average to manage networks, SaaS applications, and endpoints. This fragmented approach creates…

INFOGRAPHICS

2022 MDR Data Quadrant Report

How does Netsurion stack up? Check out this infographic to see how cybersecurity providers ranked on customer experience, vendor capabilities,…

VIDEOS

Reflections on Cybersecurity for 2022

As 2022 comes to an end, consider these lessons learned as we prepare for a new year of cybersecurity challenges,…

ARTICLES

Best Practices for MSPs Offering Security Services

During our recent webinar “Ask Netsurion Anything,” our panel of experts addressed questions on topics ranging from meeting customer needs…

VIDEOS

An MSP Security Q&A Session with Our Panel of Experts

Offering a managed cybersecurity service to your clients is tougher than it sounds. Clients expect you to handle any new…

ARTICLES

Cybersecurity Cyber Crime in 2023: What MSPs Need to Know

Managed service providers face a double-edged sword in the world of cyber security and cybercrime. In May 2022, a joint…

VIDEOS

What are the Cybersecurity Trends We Can Expect in 2023?

A.N. Ananth, Chief Strategy Officer at Netsurion, discusses 7 top trends that he sees leading the way in 2023. From…

VIDEOS

What are the Different Types of MDR Service Providers?

Managed Detection & Response (MDR) is all the rage, and countless vendors have shown up that tout brilliant, low-effort outcomes.…

ARTICLES

Identity is the New Endpoint

For most organizations, the network map has changed dramatically. Once organizations had a defined network perimeter that clearly distinguished “inside”…

VIDEOS

What is Emotet and How Does It Work?

What is Emotet and how does it work? What is Emotet today? Discover how Emotet came to be and what…

WHITEPAPERS

Build, Buy, or Partner Your SOC

As a Managed Service Provider (MSP), your customers are constantly at risk from cyber attacks. Cyber criminals are increasingly targeting…

ARTICLES

Five Fallacies That Are Holding Back Adoption of Threat Hunting

Organizations can no longer afford to be just reactive, relying solely on detection and response when it comes to cybersecurity.…

VIDEOS

What is XDR?

What is XDR? How to extend the scope of monitoring beyond the endpoint.

ARTICLES

How To Defend Against Threat Group Attacks

It’s no secret that cybersecurity threats are rising for organizations of all sizes and industries. U.S. cybersecurity authorities like the…

WHITEPAPERS

Practical Guide to Merchant Cybersecurity

Cybersecurity is complex enough as it is. But merchants, particularly those in the retail, restaurant, and hospitality space, are dealing…

ARTICLES

MSSP Live 2022 Top MSP Cybersecurity Takeaway: Teamwork Makes the Dream Work

A common dedication to providing excellent client services, a driving need to enhance cybersecurity capabilities and an outstanding cyber monetization…

INFOGRAPHICS

See Yourself in Cyber: Cybersecurity Awareness Month 2022

While cybersecurity may seem like a complex subject, ultimately, it’s really all about people. Even if you’re not a cybersecurity…

VIDEOS

Do You Even Threat Hunt Bro?

Step up your threat hunting process without overwhelming your team. See where you sit on the Hunting Maturity Model today,…

ARTICLES

The True Cost of Setting Up and Operating a 24×7 Security Operations Center (SOC)

Understanding the costs behind setting up and running a Security Operations Center is important to making informed decisions about how…

ARTICLES

Four Ways MSSPs can Boost Security Speed and Readiness

As more service providers explore offering a Managed Detection and Response (MDR) solution, they may face indecision or inertia during…

VIDEOS

What is the Difference Between Open & Native XDR?

How do you remove blind spots from siloed security tools? What is the difference between Open & Native XDR?

VIDEOS

How to Optimize a Small IT Security Team?

Cybersecurity is an arms race. And the average business has a small, thinly stretched infosec team. Couple that with a…

ARTICLES

Four CompTIA ChannelCon Takeaways for MSPs to Boost Cybersecurity

It was great to be back in Chicago for ChannelCon 2022. Thank you to CompTIA for their successful event, with…

VIDEOS

How Much Does It Cost To Operate and Setup a 24×7 SOC?

What functions are covered by a modern SOC? What do you need for a fully effective SOC? What are your…

ARTICLES

A Perfect Storm Ahead: MSSP Preparation for Economic Uncertainty

Marketplace changes are inevitable. Rapid shifts to remote work, cloud computing, and digitalization have all led to increased demand and…

VIDEOS

What Size Security Team Do You Need?

What size security team do you need to protect against ransomware? What tasks will I need them to perform

ARTICLES

MSPs Need Both Cybersecurity Automation and Human Expertise

The rising level of security threats and public incidents demand new approaches to people, processes, and technology that optimize manual…

ARTICLES

Helping Enterprises of All Sizes Accelerate Their Security Journey

Change is the only constant in the IT security space. Here at Netsurion, we strive to empower organizations to take…

VIDEOS

Does SOC Location Matter?

Does the location of the physical SOC matter? How does the location of the security data differ, and why does…

ARTICLES

Threat Hunting: Five Myths for MSPs to Overcome

Threat hunting is gaining traction as businesses look for more proactive methods to combat multi-stage ransomware attacks and devious “low…

VIDEOS

What’s the Difference Between Log Management and SIEM?

What is the difference between log management and SIEM? Why are both relevant and critical to IT security, compliance, and…

VIDEOS

Insights from the CyberEdge Cyberthreat Defense Report

CyberEdge’s 2022 Cyberthreat Defense Report (CDR) has become the standard for assessing organizations’ security posture, for gauging perceptions of IT…

ARTICLES

Renew Focus on Web Application Security

Today’s always-on digital businesses and service providers rely on web applications and APIs to fuel growth, run eCommerce sites and…

WHITEPAPERS

2023 Cyberthreat Defense Report

A record 76% of IT security professionals believe their organization will be compromised by a successful cyberattack in 2023. Download…

ARTICLES

Key Takeaways from MITRE ATT&CKcon 3.0 for Defenders

MITRE ATT&CKcon 3.0, the conference dedicated to the ATT&CK community, returned at MITRE headquarters in Virginia last month. As a…

WHITEPAPERS

Understanding XDR: Beyond the Buzzwords

Are you planning to modernize your cybersecurity stack to keep up with advanced cyber threats? Wondering if XDR is just…

ARTICLES

Improve Security with a Cyber Hygiene Routine

As advanced threats continue to morph and escalate, it’s easy to gravitate towards the latest tool or “shiny object” in…

ARTICLES

Consolidation: The Cure for Cybersecurity Vendor Sprawl

There are three cybersecurity “givens” that small-to-medium-sized businesses (SMBs) often face. One is you are not too small to be…

ARTICLES

Ransomware Protection: Who’s Responsible for What?

Ransomware risk changed dramatically for Managed Security Service Providers (MSSPs) and their clients in 2021. The Kaseya hack used a…

ARTICLES

Demystifying MDR: Five Myths for MSSPs

Small-to-medium-sized businesses (SMBs) are continuously seeking ways to safeguard their data and resiliency against persistent criminals through increased cyber defenses.…

ARTICLES

Cloud and SaaS Security: Mind the Gap

Software-as-a-Service (SaaS) applications and infrastructure providers like Amazon Web Services (AWS) and Microsoft Azure have become the norm for organizations…

ARTICLES

How to Combat the Rising Costs of Cybersecurity Insurance

Even though your business may have cybersecurity insurance, it doesn’t mean you can avoid the steps necessary to prevent bad…

ARTICLES

MSPs Versus Ransomware in 2022: Where Multi-Layered Security Fits In

Skyrocketing ransomware threats and extortion demands show no sign of slowing down in 2022. Average ransomware demands surged by 518%…

ARTICLES

MSPs: How to Add Security Services Fast and Affordably

You’ve seen it over and over again in the headlines – small subcontractors are often soft-target gateways for hacking large…

ARTICLES

Vulnerability Management and Protection: Think Like a Hacker

Today’s modern attack surface encompasses the network, cloud, endpoints, mobile devices, and applications and is constantly under attack from well-armed…

ARTICLES

How to Overcome Three Major Cybersecurity Budget Hurdles

Success starts with a well-planned strategic budget. Face the fear…now’s the time to plan for powerful yet practical cybersecurity.

VIDEOS

Three Things Security Pros Do to Protect Against Ransomware?

Ransomware continues to be the number one resilience threat. It is now a proven market for cyber criminals, generating millions…

ARTICLES

Use MITRE ATT&CK to Thwart Ransomware Faster

Ransomware has made a resurgence and is impacting both IT service providers and the businesses they serve. What if you…

VIDEOS

Introduction to Netsurion Managed XDR

Netsurion Managed XDR solution provides the necessary synergy between people, process, and technology to truly deliver world-class cybersecurity today.

VIDEOS

What is XDR and Does it Warrant Investment?

Over the last decade we have seen the security technology market constantly splinter into smaller categories as emerging technology and…

VIDEOS

Ransomware Attack Through Kaseya VSA

A.N. Ananth outlines what happened with the Kaseya VSA ransomware attack, how it compares to the SolarWinds vulnerability, how Netsurion…

VIDEOS

Consolidate Tech Stacks to Reduce Costs and Enhance Security

Frustrated by an ever changing and increasingly complex set of security solutions, mid-market organizations – and the IT service providers…

ARTICLES

Criminal Gang NOBELIUM Ramps Up Attacks

Threat researchers detected threat group NOBELIUM conducting several waves of malicious spear phishing email campaigns. Each wave used different technical…

ARTICLES

Why Managed Endpoint Security Eliminates Cybersecurity Blind Spots

Incomplete cybersecurity information visibility comes at a cost. Without real-time comprehensive visibility, organizations experience blind spots that handcuff your cybersecurity…

CASE STUDIES

Cybersecurity and Compliance for South River Electric Membership Corporation

Cybersecurity and Compliance for South River Electric Membership Corporation South River Electric Membership Corporation, (South River EMC) is a member-owned…

VIDEOS

What Should XDR Solutions Do for You

Discover XDR’s power with A.N. Ananth! Learn benefits & use cases of Netsurion’s MTP platform for enhanced cybersecurity defense.

VIDEOS

Building Upon Microsoft 365’s Security Foundations

As one of the most used application suites, Microsoft (Office) 365 continues to ingrain its applications, products, and data into…

ARTICLES

MDR is a Critical Capability for MSSPs: Keys to Making the Right Choice

MSSPs need airtight threat detection and rapid, reliable remediation. The optimal way to do this is to ensure you have…

VIDEOS

Why MSSPs are Enhancing SOC-as-a-Service

In today’s Service Provider ecosystem, SOC-as-a-Service (SOCaaS) has become an accepted model for delivering cybersecurity capabilities. Unfortunately, many SOCaaS and…

ARTICLES

Ten Steps to Defend Your Microsoft Exchange Servers from ProxyLogon Exploit

Microsoft has detected multiple zero-day exploits being used to attack on-premises versions of Microsoft Exchange Server. According to reports, observations…

ARTICLES

Building Trust: Four Tips for MSSPs

Customers look to Managed Security Service Providers (MSSPs) as trusted advisors in achieving digital transformation and navigating ever-evolving data security…

VIDEOS

Lessons Learned in 2020, and Where Managed Security is Heading in 2021

This past year challenged us in novel ways and with dramatic shifts, but it also provided many lessons. While 2021…

ARTICLES

How SOC-as-a-Service Enhances Security Operations

Faced with rising cybersecurity concerns, MSPs and mid-sized organizations are maturing their security posture beyond a network operations center and…

VIDEOS

How CISOs are Preparing for 2021

To stay secure in the modern connected world, businesses must keep track of all emerging cybersecurity threats, no matter in…

VIDEOS

Defend Against Insider Threats: Why They are Hard to Find & Stop

Insider threats continue to be on the rise, and are now estimated to comprise 30% of all cyber incidents. While…

ARTICLES

Front-Line MSSPs Share 2021 Cybersecurity Predictions

In 2020, we saw digital transformation accelerate along with rising ransomware, threats caused by human error and misconfigurations, and challenges…

ARTICLES

8 Threats to Watch for this Holiday Season

This holiday season will be like no other with the continued use of remote work, greater online sales, third-party sourcing…

ARTICLES

3 Tips to Stretch Your Cybersecurity Dollar

Businesses are always looking for ways to deliver increased value to clients while optimizing efficiency, and this year is no…

VIDEOS

How the Endpoint Protection Evolution is Changing Managed Detection and Response

For far too long, cybersecurity professionals have had to cobble together multiple tech tools and staff augmentation to round out…

ARTICLES

Think Like a Hacker with MITRE ATT&CK

The threat landscape continues to accelerate, with sophisticated attacks becoming more commonplace as ransomware-as-a-service accelerates and legacy security tools fail…

ARTICLES

Key Elements of MDR for Powerful and Practical Cybersecurity

The rise in ransomware attack volume and sophistication is a wake-up call for executives and IT departments alike. Traditional perimeter-focused…

VIDEOS

MITRE ATT&CK for MSPs: Faster Threat Detection and Response

The MITRE ATT&CK™ framework is an ever-expanding knowledge base of known adversarial tactics and techniques that enables cyber defenders to…

WHITEPAPERS

Leveraging Log Management to Provide Business Value

Despite the obvious benefits of Log Management and its increasing recognition as a critical necessity by the IT organization, Log…

WHITEPAPERS

Choosing the Right SIEM

While there is little doubt that SIEM solutions are critical for compliance, security monitoring or IT optimization, it is getting…

INFOGRAPHICS

MSP Margins are Becoming Slimmer and Customers Less Loyal

As an MSP, your focus should be on developing trust, strategy, and a reliable partnership.

WHITEPAPERS

MSP Path to Profit with Managed Security for SMBs

With cyberattacks targeting small- to medium- size businesses (SMBs), MSPs are finding themselves at the crossroads. How do you properly…

WHITEPAPERS

Co-sourcing SIEM

When outsourcing isn’t an option but SIEM proficiency is beyond the internal staff ’s expertise, a hybrid approach is essential.…

ARTICLES

Understanding MDR, EDR, EPP, and XDR

The cybersecurity industry is notorious for coining terms and acronyms that rise and fall out of favor before they even…

VIDEOS

Deepening Endpoint Security with AI and Human Intelligence

The first look at our new endpoint threat prevention capabilities integrated into EventTracker. This strategic partnership deepens Netsurion’s threat prevention…

WHITEPAPERS

A Dollar of Prevention is Worth a Bitcoin of Cure

A true story of how one organization was impacted by a data breach. This executive brief shares the true story…

WHITEPAPERS

Maximizing Endpoint Security

There are many more endpoints than fortified servers in the data center, and they are staffed by non-technical users who…

VIDEOS

Get Serious About Selling SMB Cybersecurity: Why and How to Sell to SMBs

More than 75% of SMBs would change MSPs if they felt they would receive better protection. Netsurion wants to help…

VIDEOS

Dark Web Intelligence: Going Deeper Than Compromised Credentials

Threat actors are increasingly gathering across the dark web to coordinate, plan, and launch attacks, some of which can be…

CASE STUDIES

Co-managed SIEM/SOC for a Healthcare Company

Co-managed SIEM/SOC for a Healthcare Company This healthcare organization has over 70 years of experience assisting hospitals and health systems.…

CASE STUDIES

Co-managed SIEM for Local Government

Co-managed SIEM for Local Government This Canadian city of 100,000 has been serving its citizens for over 80 years as…

ARTICLES

Securing Zoom Conferencing to Protect Data

Business uncertainty has led to widespread adoption of working from home. Since most meaningful tasks in any organization require teamwork,…

VIDEOS

Deconstructing Ransomware to Protect Small and Medium Business

Ransomware is quietly persisting while other stories make headlines, and is now increasingly targeting small and medium sized business (SMBs).…

ARTICLES

Ransomware-as-a-Service is Skyrocketing

No matter what business you are in, it’s likely you view ransomware as one of the top cyber threats today.…

ARTICLES

Use VPN Properly to Support Work-from-Home Employees

With most employees working from home amid COVID-19 (coronavirus) outbreak, VPN servers have now become paramount to a company's backbone,…

ARTICLES

Ten Work-from-Home Cybersecurity and Productivity Tips

More Work-from-Home (WFH) scenarios due to COVID-19 present challenges as employees move from a trusted and secured office network to…

ARTICLES

Expanding Work-from-Home Increases Cybersecurity Risk

Maintaining strong cybersecurity is crucial as organizations make impromptu decisions to send more and more employees to work from home…

VIDEOS

Leveraging MITRE ATT&CK® for Increased Cybersecurity Effectiveness

The MITRE ATT&CK® framework is an ever-expanding knowledge base of known adversarial tactics and techniques that enables cyber defenders to…

ARTICLES

RSA Conference Key Takeaways for Cybersecurity Defenders

RSA Conference 2020 has come and gone. It still maintains its status as the largest security event in the world,…

ARTICLES

Avoid Log Monitoring Gaps with Holistic Coverage

A data breach today takes 127 days to detect, according to the Ponemon Institute. Comprehensive visibility and real-time analysis of…

ARTICLES

Learn Why Data Privacy is Good for Your Business

Following many high-profile data breaches, consumers have elevated data privacy to front-page news and included it as criteria for brand…

VIDEOS

Your Roadmap from MSP to MSSP: Avoid Speedbumps and Accelerate Success

Every managed service provider (MSP) is evaluating managed security services to protect their customers and increase revenue. But how? Becoming…

VIDEOS

2020 Predictions for the Partner Channel

In 2020, we believe cybersecurity convergence will become the difference maker. It will enable MSPs to deliver effective cyber threat…

VIDEOS

Cybersecurity Holiday Tips

The holiday season is upon us and Netsurion is here to remind you that cybercrime doesn’t take a holiday. View…

ARTICLES

5 Smart Ways to Thwart Login Attacks

Just like locking your front door is crucial to protect your house, monitoring account logins to organizational servers and workstations…

ARTICLES

Cybercrime Doesn’t Take a Holiday

The holidays are a busy time for most business owners as they ramp up to serve consumers excited to find…

ARTICLES

7 Steps to Better Website Security for National Cybersecurity Awareness Month

Threats and threat actors continue to evolve and morph, creating advanced and even more dangerous tactics to mitigate. October is…

ARTICLES

Is the ELK Stack a SIEM?

The ELK (Elasticsearch, Logstash, Kibana) stack is a popular open source log analysis and management platform. The collection, processing, normalization,…

ARTICLES

Best Practices to Halt Insider Threats

While nation-state threat actors and external hackers often garner the headlines, insider threats are an often-overlooked threat vector. Rockwell-Boeing, Anthem…

ARTICLES

Coordinated Ransomware Attacks Hit Resource-Constrained Municipalities

A financially motivated ransomware gang hit 23 local governments in Texas in a coordinated attack. Ransomware is a type of…

ARTICLES

Black Hat Recap: Cybersecurity Insights That Enhance Security Operations

Black Hat 2019 was a learning experience and success for all. All of the hackers, presenters, vendors, and attendees have…

ARTICLES

Mitigate Software Supply Chain Attacks with SIEM and EDR

At Black Hat 2019, Eric Doerr, GM of the Microsoft Security Response Center, reminded attendees of the interconnectedness of enterprise…

ARTICLES

7 Things IT Pros Should Know about HIPAA and Protecting Patient Data

It has grown more challenging to protect patient privacy and secure sensitive data under HIPAA (Health Insurance Portability and Accountability…

ARTICLES

IT Security: How Much Should You Spend?

Just how much should you be spending on IT Security? It’s a vexing question to answer for many reasons as…

VIDEOS

MSPs are Under Attack: Keep Your Company and Your Customers Out of the Headlines

MSPs of all sizes are under constant threat from hackers trying to access end-customer systems. The biggest surprise is that…

VIDEOS

Windows 7 Migration: A Reboot on Cybersecurity

Windows 7 is dead in January 2020. Fact is, the battle has shifted to the endpoint because there are more…

ARTICLES

7 Questions Answered About Windows 7 End-of-Support

Is your organization still using Windows 7? Microsoft support is coming to a close in a few short months. If…

VIDEOS

3 keys to Powerful Yet Practical Cybersecurity

The cybersecurity market is certainly not short on over-hyped tools designed to solve a specific threat vector. But what is…

ARTICLES

3 Do’s and 1 Don’t to Improve Your IT Security

Overwhelmed by the hype from security vendors in overdrive? Notice the innovation and trends and feel like jumping on the…

ARTICLES

Protecting Legal Data: 3 Ways MSPs Can Enhance Cybersecurity

The legal world is centered on offering clients protection—and in the current technology environment, that extends to cybersecurity. With the…

ARTICLES

How to Protect Financial Data: 4 Cyber Risks MSPs Can’t Ignore

Banks have always been a prime target for cybercriminals. With enormous stores of cash and consumer data, and the massive…

ARTICLES

Protecting Managed Service Providers from Cyber Attacks

As a Managed Service Provider (MSP) offering IT infrastructure and end-user systems, your clients rely on you with their valuable…

ARTICLES

How to Justify EDR with Three Top Business Cases

Increasing complexity and frequency of attacks have escalated the need for detection of attacks and incident response. Endpoints are the…

ARTICLES

How to Protect Healthcare Data: 5 Cybersecurity Tips for MSPs

For MSPs serving clients in the healthcare industry, protecting data can be complex. With compliance enforcement like HIPAA , for…

VIDEOS

Has Your Revenue Growth Slowed?

Shrinking opportunity, increased price pressure, difficulty getting meetings with prospects.the list goes on. Join Netsurion and David Stelzl, author of…

ARTICLES

SIEMpocalypse?

Did you know that Microsoft is a security vendor? No, it’s true. For years, the company was hammered by negative…

VIDEOS

SIEM Worst Practices: How To Sidestep Common Mistakes and Unlock SIEM’s True Potential

Netsurion’s Chief Strategy Officer A.N. Ananth joins Holger Schultze, CEO at Cybersecurity Insiders, outline Security Information and Event Management (SIEM)…

ARTICLES

What is EDR and Why It is Critical to SMB Security?

Over 7 billion global devices in an always on and continuously connected world create a soft target for today’s attacker.…

VIDEOS

What is SIEM and Why Is It Important?

Ever heard of Security Information and Event Management (SIEM)? Watch this brief video to learn more about SIEM and why…

VIDEOS

Understanding the Cybersecurity Landscape

Proper cybersecurity includes controls to prevent, detect, and respond to cyber threats. This multi-layer cybersecurity strategy to protect your business…

ARTICLES

Five Takeaways from the 2019 SIEM Study

We recently released the findings of the Security Information and Event Management (SIEM) study conducted by Cybersecurity Insights. The study…

ARTICLES

Practical Ways to Implement Threat Hunting

If you think your organization is too small to be targeted by threat actors, think again. Over 60% of organizations…

VIDEOS

Cybersecurity War Stories:
Bad Guys and Good Guys Both Represent a Risk to MSPs and their Clients

Cybercriminals are not using traditional attack methods to invade your systems, so you can’t use traditional cybersecurity defense to stop…

ARTICLES

Is a Business Really Protected or is it Home Alone: Prevent, Detect, and Respond for True Security

Protecting a business’ IT infrastructure and data can be difficult with the abundance of threats out there, the array of…

ARTICLES

Cybersecurity Trends and Predictions 2019

The year 2018 saw ransomware families such as CryptoLocker and variants like Locky continue to plague organizations as cybersecurity adversaries…

ARTICLES

Buy, Rent, or Uber Your Security Operations Center

For cyber criminals, everyone’s a target. We must assume that, at some point, every organization’s IT infrastructure will be breached.…

ARTICLES

Why a Co-Managed SIEM?

In simpler times, security technology approaches were clearly defined and primarily based on prevention with things like firewalls, anti-virus, web, and…

ARTICLES

Accelerate Your Time-to-Value with Security Monitoring

A hot trend in the Managed Service Provider (MSP) space is emerging, transforming from an MSP to a Managed Security…

ARTICLES

Big Data or Smart Questions for Effective Threat Hunting

Advances in data analytics and increased connectivity have merged to create a powerful platform for change. Today, people, objects, and…

ARTICLES

Master the Art of Selling Managed Security Services as an MSP

When it comes to selling security, one of the major challenges faced by managed services providers (MSPs) is changing the…

VIDEOS

Bracing for the Tidal Wave of Data Privacy Compliance in America

Ignorance is not bliss. As discussed in the webcast, Data Privacy Compliance in America is changing rapidly. Staying ignorant of…

ARTICLES

Three Causes of Incident Response Failure

Breaches continue to be reported at a dizzying pace. In 2018 alone, a diverse range of companies — including Best…

ARTICLES

Venom Vulnerability exposes most Data Centers to Cyber Attacks

Just after a new security vulnerability surfaced Wednesday, many tech outlets started comparing it with HeartBleed, the serious security glitch…

ARTICLES

Pay Attention to System Security Access Events

There are five different ways you can log on in Windows called “logon types.” The Windows Security Log lists the…

ARTICLES

Tracking removable storage with the Windows Security Log

With data breaches and Snowden-like information grabs, I’m getting increased requests for how to track data moving to and from…

ARTICLES

5 types of DNS attacks and how to detect them

DNS is an attractive mechanism for performing malicious activities like network reconnaissance, malware downloads, or communication with their command and…

ARTICLES

The Ultimate Playbook to Become an MSSP

Now that advanced cybersecurity protections are a must-have in today’s landscape, organizations of all sizes are increasingly seeking out and…

VIDEOS

From POS Reseller to Managed Service Provider

Retail IT service providers are being asked over and over to do more for their customers, and the opportunity for…

ARTICLES

Top 3 Microsoft 365 Security Concerns and What to do About Them

Microsoft 365 is immensely popular across all industry verticals in the small-to-medium-sized business (SMB) space. It is often the killer app…

ARTICLES

The Bite Behind the Bark: Enforcement Power of GDPR

There’s an old saying: Their bark is worse than their bite. However, this is not the case with the penalties…

ARTICLES

Today’s CISO Challenges – The Talent Gap

It continues to be challenging being a Chief Information Security Officer (CISO) today – and this year promises no rest.…

VIDEOS

GDPR-Five Things You Should Know

GDPR is the biggest change in 20 years for European data security. All EU-based or multi-national companies must comply, but…

ARTICLES

Do you have a cyber blind spot?

What's the cost of securing your network from a cyber attack? According to Precision Analytics and The CAP Group, many…

ARTICLES

Time is money. Downtime is loss of money.

The technological revolution has introduced a plethora of advanced solutions to help identify and stop intrusions. There is no shortage of…

ARTICLES

Cybersecurity is an Investment, Not a Cost Center

The cybersecurity threat landscape is in constant motion – ever evolving. According to Kaspersky Labs, 323,000 new malware strains are…

ARTICLES

How to Protect Your Network from Ransomware Tips from the FBI

The FBI estimates that more than 4,000 ransomware attacks have occurred daily since the beginning of 2016. That’s a 300% increase from the…

ARTICLES

The Difference Between a SIEM Solution and SIEM Tool: Features vs. Outcomes

Can you simply buy a “SIEM solution”? Turns out you really cannot, no matter how hard you try nor how…

ARTICLES

Catch Malware Hiding in WMI with Sysmon

Security is an ever-escalating arms race. The good guys have gotten better about monitoring the file system for artifacts of…

ARTICLES

Host-based Versus Network-based Security

The argument is an old one; are you better off with a network-based detector, assuming all hosts will eventually communicate,…

VIDEOS

A Day in the Life of Your Website

We spun up a dummy website to conduct an experiment on website cybersecurity. The results were very interesting. In less…

ARTICLES

For of all sad words of tongue or pen, the saddest are these: ‘We weren’t logging’

It doesn't rhyme and it's not what Whittier said but it's true. If you don't log it when it happens,…

ARTICLES

Once More Unto the Data (Breach), Dear Friends

As I reflect on this year, a Shakespearean quote plays out in my mind – when King Henry the Fifth…

VIDEOS

Emotet – A Tale of Two Cities: How One Municipality Neutralized the Threat Quickly

The Emotet virus has crippled Allentown, PA and is expected to cost an estimated $1 million dollars to fix the…

VIDEOS

Changes to PCI DSS v3.2 and What It Means for You

Are you compliant with PCI DSS Version 3.2? Restaurants, retailers, hotels, doctors’ and lawyers’ offices, and many more, all need…

ARTICLES

True Cost of Data Breaches

The Cisco Annual Cybersecurity Report provides insights based on threat intelligence gathered by Cisco's security experts, combined with input from…

VIDEOS

Let’s Go Threat Hunting: Gain Visibility and Insight into Potential Threats and Risks

As the threat landscape continues to evolve mere protection, however diligent, is not practical to defend against threats. Adversaries are…

ARTICLES

The Perimeter is Dead: Long-live the Perimeter

In 2005, the Department of Homeland Security commissioned Livermore National Labs to produce a kind of pre-emptive post-mortem report.

VIDEOS

Advanced Threat Protection for SMBs

Learn why firewalls, anti-virus, and anti-malware alone may not be enough to secure your business from the ever-evolving threat landscape. We…

VIDEOS

Creating a Healthcare Cybersecurity Battle Plan

A good security plan can be overwhelming at first, but with the right knowledge and expertise, it can be simplified…

VIDEOS

POS Ransomware – Imagine the Impact

What can be done to truly protect a business? Go beyond bare-bones security regulatory compliance by implementing security measures to…

VIDEOS

WannaCry Ransomware Webinar

Is it over? Will it happen again? – How it spreads – What it does – Technical details – What…

VIDEOS

How does EMV and P2PE impact PCI compliance?

Cybersecurity is complex enough as it is. But to compound the issue, merchant businesses in the retail, restaurant, and hospitality…

VIDEOS

Cybersecurity is Not Rocket Science

The word cybersecurity can seem daunting and bring to mind images of costly software and hardware needed to protect your…

VIDEOS

Financial Cybersecurity Under Attack

It’s no secret that the financial industry is under attack. If we learn by recent examples, we know that technology…

VIDEOS

PCI DSS Compliance

We all hear it over and over again: complying with data protection requirements is expensive. But did you know that…

ARTICLES

Can your Cybersecurity Posture be Called “Reactive Chaos”?

Does this sound familiar? You have no control of your environment and most of your efforts are diverted into understanding…

ARTICLES

3-Minute Breakdown of Cybersecurity’s Biggest Buzzwords

The cybersecurity market is loaded with ambiguous buzzwords and competing acronyms that make it very difficult to clearly distinguish one…

ARTICLES

Security Signals Everywhere: Finding the Real Crisis in a World of Noise

Imagine dealing with a silent, but mentally grating barrage of security alerts every day. The security analyst’s dilemma?

ARTICLES

Believe it or not, compliance saves you money

We all hear it over and over again: complying with data protection requirements is expensive. But did you know that…

ARTICLES

Attribution of an attack – don’t waste time on empty calories

When we are attacked, we feel a sense of outrage and the natural tendency is to want to somehow punish…

ARTICLES

Going Mining for Bitcoin

While you’ve been busy defending against ransomware, the bad guys have been scheming about new ways to steal from you.…

ARTICLES

Prevention is Key in Cybersecurity

A lot of data, an overwhelming amount actually, is available from hundreds of sources, but rarely is it observed. Having…

ARTICLES

Experimenting with Windows Security: Controls for Enforcing Policies

Interest continues to build around pass-the-hash and related credential artifact attacks, like those made easy by Mimikatz. The main focus…

ARTICLES

SIEM, UEBA, SOAR and Your Cybersecurity Arsenal

The evolution of Security Information and Event Management (SIEM) solutions has made a few key shifts over time. It started…

ARTICLES

Make a cybersecurity list and check it twice this holiday season

As the holidays swiftly approach, many of us are making lists and plans as part of the crescendo of year-end…

ARTICLES

Which security functions outsource poorly and which outsource well

The IT security industry’s skill shortage is a well-worn topic. Survey after survey indicates that a lack of skilled personnel…

ARTICLES

Avoid Three Common Active Directory Security Pitfalls

While the threats have changed over the past decade, the way systems and networks are managed have not. We continue…

ARTICLES

A haunting tale, just in time for the fall: Don’t let what happened to them, happen to you

The old Haunted Hotel with squeaky wood floors, welcomed all guests who dared enter the front doors. Guests arrived from…

ARTICLES

Three myths surrounding cybersecurity

A common dysfunction in many companies is the disconnect between the CISO, who views cybersecurity as an everyday priority, versus…

ARTICLES

Report All the Binary Code Executing on Your Network with Sysmon Event IDs

Computers do what they are told, whether good or bad. One of the best ways to detect intrusions is to…

ARTICLES

Can general purpose tools work for IT security?

This post got me thinking about a recent conversation I had with the CISO of a financial company. He commented…

ARTICLES

Malware, Ransomware, and the Next Big Threat

Imagine the lost revenue for a major retailer if they needed to shut down all of their stores for a…

ARTICLES

Equifax’s enduring lesson — perfect protection is not practical

Equifax, one of the big-three US credit bureaus, disclosed a major data breach. It affects 143 million individuals — mostly Americans,…

ARTICLES

Three critical advantages of EventTracker Essentials

By now it’s accepted that SIEM is a foundational technology for both securing a network from threats as well as…

ARTICLES

Three paradoxes disrupting IT Security

2017 has been a banner year for IT Security. The massive publicity of attacks like WannaCry have focused public attention…

ARTICLES

Think you are too small to be hacked?

Why has ransomware exploded on to the scene in 2017? Because it works.

ARTICLES

How do you determine IT security risk?

How much security is enough? That’s a hard question to answer. You could spend $1 or $1M on security and…

ARTICLES

Ransomware’s Next Move

While IT security teams identify, hunt, and remove specific variants of the ransomware, there may already be unknown mutated varieties…

ARTICLES

Protecting Against Ransomware Attacks: What Every Business Needs to Know

Ransomware attack frequency is at its height as there have been more than 4,000 ransomware attacks happening each day for…

ARTICLES

Yet Another Ransomware That Can be Immediately Detected with Process Tracking on Workstations

As I write this, yet another ransomware attack is underway. This time it’s called Petya, and it again uses SMB…

ARTICLES

Petya Ransomware – What it is and what to do

A new ransomware variant is sweeping across the globe known as Petya. It is currently having an impact on a…

ARTICLES

Perfect protection is not practical

With distressing regularity, new breaches continue to make headlines. The biggest companies, the largest institutions both private and government are…

ARTICLES

Five Myths About Ransomware

Ransomware is a popular weapon for cyber criminals. Worldwide in 2020, there were 304 million ransomware attacks, a 62% increase…

ARTICLES

Tips for Protecting Information While on the Go: What Summer Travelers Need to Know About Security

As the summer travel season quickly approaches, most people envision exchanging work clothes and school books for shorts, flip flops,…

ARTICLES

Safeguard Your Business Against Ransomware Threats

As the second iteration of the WannaCry ransomware impacting IT infrastructure around the globe is expected, we want to arm…

ARTICLES

Challenges with Threat Intelligence or why a Honeynet is a good idea

Shared threat intelligence is an attractive concept. The good guys share experiences about what the bad guys are doing thereby…

ARTICLES

When a SIEM is Like an Exercise Machine Stuck Behind the Junk in Your Garage

I’m a big believer in security analytics and detective controls in general. At least sometimes, bad guys are going to…

ARTICLES

5 Security Tips for Small and Multi-location Tax and Accounting Firms: Tax Season and Beyond

Tax season is a busy time of year for hackers, given the ample opportunities to steal personal and financial information…

ARTICLES

Essential soft skills for cybersecurity success

IT workers in general, but more so IT Security professionals, pride themselves on their technical skills. Keeping abreast of the…

ARTICLES

Who suffers more – cybercrime victims or cybersecurity professionals?

So you got hit by a data breach, an all too common occurrence in today’s security environment. Who gets hit?…

ARTICLES

Top three high risk behaviors that compromise IT Security

The insider threat is typically much more infrequent than external attacks, but they usually pose a much higher severity of risk…

ARTICLES

Ransomware is only getting started

Ransomware is about denying you access to your data via encryption. But that denial has to be of a great…

ARTICLES

Foster a Healthy Security Posture

Securing medical records is a complex undertaking. Healthcare organizations need an array of security technologies that can be used to…

ARTICLES

EventTracker Enterprise and the Cyber Kill Chain

Defense strategies that focus exclusively on the perimeter and on prevention do not take into account the kill chain life…

ARTICLES

Your Voice for SMB Compliance Pains

We believe that every business should have the means to protect themselves and their customers from cyberattacks, and the PCI…

ARTICLES

‘Twas the Night Before Christmas – an EventTracker Story

‘Twas the night before Christmas and all through HQ Not a creature was stirring, except greedy Lou – An insider…

ARTICLES

Compliance is not a proxy for due care

Regulatory compliance is a necessary step for IT leaders, but it’s not sufficient enough to reduce residual IT security risk to tolerable…

ARTICLES

May Your Holidays be Merry, Bright, and Hack Free: Security Tips for the Biggest Shopping Season

Though there are many companies out there responsible for securing merchant locations from the risks of data breaches, people’s own…

ARTICLES

Work Smarter – Not Harder

Log collection, SIEM and security monitoring are the journey not the destination. Unfortunately, the destination is often a false positive. …

ARTICLES

How To Make Cybersecurity Great Again: Guidance For President-Elect Donald Trump

Are you feverishly working to patch your systems today with the latest available patches? Or are you spending your time…

ARTICLES

How the EventTracker/Netsurion merger will bring you more powerful cybersecurity solutions

We are delighted that EventTracker is now part of the Netsurion family. On October 13, 2016 we announced our merger…

ARTICLES

A Day in the Life of a Consumer

Years ago, in a data security nightmare not so far away…I found out how quickly a brand could change from…

ARTICLES

Tracking Physical Presence with the Windows Security Log

How do you figure out when someone was actually logged onto their PC? The data is there in the security…

ARTICLES

Key takeaways from the presidential debate on cybersecurity.

?The presidential debate, as entertaining as it was for many, was a great place to hear about the focus needed…

ARTICLES

IT Service Providers: Mind the Security Gap

Persistent threats affecting businesses of all sizes and in all verticals are becoming more consistent and hitting more frequently. The…

ARTICLES

Demystifying PCI Compliance

PCI compliance: that daunting phrase you always hear in the world of payments…but never truly understand. Well we’re here to…

ARTICLES

What is privilege escalation and why should you care?

A common hacking method is to steal information by first gaining lower-level access to your network. This can happen in…

ARTICLES

Monitoring DNS Traffic for Security Threats

Cyber criminals are constantly developing increasingly sophisticated and dangerous malware programs. Statistics for the first quarter of 2016 compared to…

ARTICLES

RetailNOW Recap 2016: Security Top of Mind for Attendees

The event, aimed at connecting the point-of-sale (POS) technology ecosystem, was extremely successful because it gave us the perfect platform…

ARTICLES

How to control and detect users logging onto unauthorized computers

Windows gives you several ways to control which computers can be logged onto with a given account. Leveraging these features…

ARTICLES

POS VARs – Don’t be a Target!

When business owners start looking at Point-of-Sale (POS) systems, they may feel overwhelmed at the infinite amount of options they…

ARTICLES

7 ways you can prevent credit card fraud when shopping!

We know how tempting those summer sales are! But are you being careful on where you are swiping your card?

ARTICLES

Idea to retire: Do more with less

Ideas to Retire is a TechTank series of blog posts that identify outdated practices in public sector IT management and…

ARTICLES

Detect Persistent Threats on a Budget

There’s a wealth of intelligence available in your DNS logs that can help you detect persistent threats. So how can…

ARTICLES

Do you know where your data is?

In this fifth article of the series, we continue to explore the basic ways businesses can keep their networks safer.…

ARTICLES

Dirty truths your SIEM vendor won’t tell you

Analytics is an essential component of a modern SIEM solution. The ability to crunch large volumes of log and security…

ARTICLES

Are you guilty of any of these PCI myths?

We have gathered what have been common comments that we hear from business owners. And today, we would like to…

ARTICLES

Should I be doing EDR? Why isn’t anti-virus enough anymore?

Detecting virus signatures is so last year. Creating a virus with a unique signature or hash is quite literally child’s…

ARTICLES

What you should know about programs, ports and services

In this fourth article in the series, we continue to explore some of the basic ways that business of all…

ARTICLES

Uncover C&C traffic to nip malware

In a recent webinar, we demonstrated techniques by which EventTracker monitors DNS logs to uncover attempts by malware to communicate…

ARTICLES

7 things you need to know about Anti-Virus protection.

In this entry we discuss the topic of anti-virus protection. There are many questions that come up when we talk…

ARTICLES

The Perils of Using Remote Access Software

While software that can be installed on your PC and used to remotely connect when you are away from your…

ARTICLES

Maximize your SIEM ROI

Far too many SIEM implementations are considered to be catastrophes. Having implemented hundreds of such projects, here are the three…

ARTICLES

Why is patching important to the security of your business?

If you are not keeping up with regular patching of your computer and the programs that run on it –…

ARTICLES

Detecting Ransomware: The Same as Detecting Any Kind of Malware?

Ransomware burst onto the scene with high profile attacks against hospitals, law firms and other organizations. What is it and…

ARTICLES

Protecting your business from hacker’s attacks.

2016 Verizon Breach Investigations Report (Part 3 of 3) We've covered the 4 patterns of attack used by hackers, expanded…

ARTICLES

What tools are hackers using to access businesses’ networks?

2016 Verizon Breach Investigations Report (Part 2 of 3) In our previous post we showed you that regardless of the…

ARTICLES

Research points to SIEM-as-a-Service

SC Magazine released the results of a research survey focused on the rising acceptance of SIEM-as-a-Service for the small and…

ARTICLES

Is your business at risk of a data breach?

2016 Verizon Breach Investigations Report (Part 1 of 3) The 80 page report is packed with valuable data breach insights.…

ARTICLES

No Business is Too Small for Hackers!

It's National Small Business Week! Let's celebrate the hard work you do and make sure your business continues to grow.…

ARTICLES

Welcome to the New Security World of SMB Partners

Yet another recent report confirms the obvious, that SMBs in general do not take security seriously enough. The truth is…

ARTICLES

Your Best Defense Against Ransomware Might Be Your Employees

While your business’ data security program should consist of many components, perhaps the most effective defense to ransomware is building…

ARTICLES

Top 3 traits of a successful Security Operations Center

Traditional areas of risk — financial risk, operational risk, geopolitical risk, risk of natural disasters — have been part of…

ARTICLES

Just how dangerous is ransomware?

Ransomware is a business’ worst nightmare. This malware infects computers and restricts the users from accessing any of their data…

ARTICLES

Is the IT Organizational Matrix an IT Security Problem?

Do you embrace the matrix? The fact is, once networks get to a certain size, IT organizations begin to specialize…

ARTICLES

Cloud Security Starts at Home

Cloud security is getting attention and that’s as it should be. But before you get hung up on techie security…

ARTICLES

Last Year’s Cyber Attack Trends — This Year’s Implications

The range of threats included trojans, worms, trojan downloaders and droppers, exploits and bots (backdoor trojans), among others. When untargeted…

ARTICLES

Hungry…Hungry…HIPAA

I have fond memories of playing a board game called Hungry Hungry Hippos in my younger days. Today’s medical practices…

ARTICLES

Mobile Tech in Healthcare Can Put Your Practice at Risk

While you focus on providing the best health service for your patients, it is easy to under-estimate the risks that…

ARTICLES

Certificates and Digitally Signed Applications: A Double Edged Sword

Windows supports the digitally signing of EXEs and other application files so that you can verify the provenance of software…

ARTICLES

Top 5 SIEM complaints

Here’s our list of the Top 5 SIEM complaints:1) We bought a security information and event management (SIEM) system, but it’s…

ARTICLES

The Cost of False IT Security Alarms

Think about the burglar alarm systems that are common in residential neighborhoods. In the eye of the passive observer, an…

ARTICLES

SIEM: Sprint or Marathon?

Winning a marathon requires dedication and preparation. Over long periods of time. A sprint requires intense energy but for a…

ARTICLES

Pain-Free Data Security for Medical Offices

It’s understandable that the primary goal of any healthcare practice is to keep their patients healthy and safe. But what…

ARTICLES

The Assume Breach Paradigm

Given today’s threat landscape, let’s acknowledge that a breach has either already occurred within our network or that it’s only…

ARTICLES

2015: “The Year of the Healthcare Hack”

2015 was a tough year for the healthcare industry. Some are even calling 2015 “the year of the healthcare hack”.…

ARTICLES

SIEM and Return on Security Investment (RoSI)

The traditional method for calculating standard Return on Investment (RoI) is that it equals the gain minus the cost, divided…

ARTICLES

Diagnosing Account Lockout in Active Directory

Here we are going to look for Event ID 4740. This is the security event that is logged whenever an…

ARTICLES

Cybersecurity Professionals

As data breaches occur more and more, it is no secret that the market needs more cybersecurity professionals. Here are…

ARTICLES

Security Subsistence Syndrome

Security Subsistence Syndrome (SSS) is defined as a mindset in an organization that believes it has no security choices and…

ARTICLES

Catching Hackers Living off the Land Requires More than Just Logs

If attackers can deploy a remote administration tool (RAT) on your network, it makes it so much easier for them.…

ARTICLES

The Ten Steps Post Data Breach

Nearly 60% of businesses have experienced a breach in the last two years. Have you ever considered what would happen…

ARTICLES

When is an alert not an alert?

Users of the EventTracker platform know that one of its primary functions is to apply built-in knowledge to reduce the flood…

ARTICLES

The Transition to EMV Isn’t Over

Merchants know by now that after October 1st the liability for card-present fraud will shift to whichever party is the…

ARTICLES

How Strong Are Your Passwords? Tips To Keep You Protected

Passwords keep your accounts and network safe but may also be a gateway for hackers. Here are some quick tips…

ARTICLES

How to Detect Low Level Permission Changes in Active Directory

We hear a lot about tracking privileged access today because privileged users like Domain Admins can do a lot of…

ARTICLES

Find Out Who Is Affected By A Data Breach?

The number of data breaches continues to increase. Cybercrime affects your brand, your customers and your employees in ways that…

ARTICLES

Healthcare Practices are at Particularly High Risk of Data Breach

The CDC estimates that close to 80% of office-based physicians use some form of electronic medical records. This increase, coupled…

ARTICLES

The Impact Of A Data Breach

What is the true cost of a data breach? A data breach affects your business, brand, and reputation. But it…

ARTICLES

Three Indicators of Attack

For many years now, the security industry has become somewhat reliant on ‘indicators of compromise’ (IoC) to act as clues…

ARTICLES

Are You Listening to Your Endpoints?

There’s plenty of interest in all kinds of advanced security technologies like threat intelligence, strong/dynamic authentication, data loss prevention and…

ARTICLES

The Detection Deficit

The gap between the ‘time to compromise’ and the ‘time to discover’ is the detection deficit. According to Verizon DBIR,…

ARTICLES

Netsurion Defense Against Backoff

In the wake of BackOff, and numerous other data breaches, consumers are demanding answers into the how and why surrounding…

ARTICLES

User Location Affinity

It’s clear that we are now working under the assumption of a breach. The challenge is to find the attacker…

ARTICLES

Wireless Security for Business

In today’s business world, a major draw for many customers is the ability to stay connected while outside the office.…

ARTICLES

How to shoot yourself in the foot with SIEM

Six ways to shoot yourself with SIEM technology: 1) Dont plan; just jump in 2) Have no defined scope or…

ARTICLES

Five quick wins to reduce exposure to insider threats

A data breach has serious consequences both directly and indirectly. Lost revenue and a tarnished brand reputation both inflict harm…

ARTICLES

Secure, Usable, Cheap: Pick any two

This fundamental tradeoff between security, usability, and cost is critical. Yes, it is possible to have both security and usability,…

ARTICLES

Six Simple Rules For Safe Credit Card Handling

It is becoming more and more frequent to read about electronic data breaches in the news these days. Unfortunately, what…

ARTICLES

Four Key Steps to Rapid Incident Response

Is it possible to avoid security breaches? Judging from recent headlines, probably not. Victims range from startups like Kreditech, to…

ARTICLES

Death by a Thousand cuts

You may recall that back in 2012, then Secretary of Defense Leon Panetta warned of “a cyber Pearl Harbor; an attack…

ARTICLES

Enriching Event Log Monitoring by Correlating Non Event Security Information

Sometimes we get hung up on event monitoring and forget about the “I” in SIEM which stands for information. Not…

ARTICLES

Threat Intelligence and The Pyramid of Pain

There is great interest among security technology and service providers about the intersection of global threat intelligence with local observations in…

ARTICLES

Every Merchant Needs Electronic Data Protection

How many days go by between news stories involving computer breaches? The truth of the matter is that as long…

ARTICLES

What good is Threat Intelligence integration in a SIEM?

Bad actors/actions are more and more prevalent on the Internet. Who are they? What are they up to? Are they prowling…

ARTICLES

Why Naming Conventions are Important to Log Monitoring

Log monitoring is difficult for many reasons. For one thing there are not many events that unquestionably indicate an intrusion…

ARTICLES

Why Risk Classification is Important

Traditional threat models posit that it is necessary to protect against all attacks. While this may be true for a…

ARTICLES

State Sponsored Hacking – More Than an Issue for Sony

We live in a brave new world where the spies of yesteryear, like James Bond and Jason Bourne, are truly…

ARTICLES

How many people does it take to run a SIEM?

You must have a heard light bulb jokes, for example: How many optimists does it take to screw in a…

ARTICLES

Five Steps to Protect Retailers from Credit Card Theft

The Georgia based fast food company, Chick-fil-A, has confirmed that it is investigating a potential credit card breach. The investigation…

ARTICLES

Are honeypots illegal?

In computer terminology, a honeypot is a computer system set to detect, deflect, or, in some manner, counteract attempts at unauthorized use…

ARTICLES

Backoff Has Been Upgraded Harder to Detect

So when you are a hacker and you write the most successful financial transaction hacking software in history, what do…

ARTICLES

Three key advantages for SIEM-As-A-Service

Security Information and Event Management (SIEM) technology is an essential component in a modern defense-in-depth strategy for IT Security. SIEM…

ARTICLES

IT Community Shaken By Shellshock Vulnerabilities

In the wake of Heartbleed, comes a new form of exposure that could potentially do much more damage than any…

ARTICLES

Top 5 Linux log file groups in/var/log

If you manage any Linux machines, it is essential that you know where the log files are located, and what…

ARTICLES

Backoff Is the New Standard by Which Other Malware Will Be Judged

Every now and then hackers develop a piece of malware that is so insidious that it changes the landscape of…

ARTICLES

Case of the Disappearing Objects: How to Audit Who Deleted What in Active Directory

I often get asked how to audit the deletion of objects in Active Directory. It’s pretty easy to do this…

ARTICLES

SIEM and Return on Investment: Four Pillars for Success

Return on investment (ROI) – it is the Achilles heel of IT management. Nobody minds spending money to avoid costs,…

ARTICLES

The 5 stages of SIEM Implementation

Are you familiar with the Kübler-Ross 5 Stages of Grief model? SIEM implementation (and indeed most enterprise software installations) bear a striking resemblance.

ARTICLES

Top 6 uses for SIEM

Security Information and Event Management (SIEM) is a term coined by Gartner in 2005 to describe technology used to monitor…

ARTICLES

How to analyze login and pre-authentication failures for Windows Server 2003 R2 and below

Analyzing all the login and pre-authentication failures within your organization can be tedious. There are thousands of login failures generated…

ARTICLES

Netsurion services and OpenSSL the Heartbleed issue

Many of our customers and resellers have asked how Heartbleed affected Netsurion services. In a nutshell, the managed services that…

ARTICLES

Will CIOs Be the Final Victim After a Breach

In the wake of their breach, Target announced on March 5, 2014 that their CIO, Beth Jacob was announcing her…

ARTICLES

Monitoring File Permission Changes with the Windows Security Log

Unstructured data access governance is a big compliance concern. Unstructured data is difficult to secure because there’s so much of…

ARTICLES

There Is No Honor Among Thieves – Target Could Take Advantage of This

For the past several months, there have been numerous stories about major retailers that have been breached by hackers. The…

ARTICLES

About the PCI Security Standards Council

The PCI Security Standards Council is an open global forum, launched in 2006, that is responsible for the development, management,…

ARTICLES

Looking back: Operation Buckshot Yankee & agent.btz

It was the fall of 2008. A variant of a three year old relatively benign worm began infecting U.S. military…

ARTICLES

Target Has A Bullseye On Its Chest

When Target announced that it had suffered a major breach of approximately 40 million credit cards and 70 million customer…

ARTICLES

Why Comply with PCI Security Standards

Why should you, as a merchant, comply with the PCI Security Standards? At first glance, especially if you are a…

ARTICLES

Auditing File Shares with the Windows Security Log

Over the years, security admins have repeatedly asked me how to audit file shares in Windows. Until Windows Server 2008,…

ARTICLES

Thieves Tried to Steal Credit Cards from Nordstrom

The department store giant garnered unwanted attention earlier this month when they announced that a Florida store fell victim to…

ARTICLES

PCI 3.0 Is Coming – Are You Ready?

Every 3 years the Payment Card Industry Data Security Standard (PCI) is updated to a new version. The time for…

ARTICLES

Following a User’s Logon Tracks throughout the Windows Domain

What security events get logged when a user logs on to their workstation with a domain account and proceeds to…

ARTICLES

What did Ben Franklin really mean?

In the aftermath of the disclosure of the NSA program called PRISM by Edward Snowden to a reporter at The Guardian, commentators…

ARTICLES

Balancing Privacy and Security

In the wake of the most recent terrorist bombing in Boston, it is easy to understand why some people would…

ARTICLES

Square Cash – A Money Transfer Game Changer?

Square strives to make financial transactions simple enough so that the average person on the street can participate. Before Square,…

ARTICLES

Using Dynamic Audit Policy to Detect Unauthorized File Access

One thing I always wished you could do in Windows auditing was mandate that access to an object be audited…

ARTICLES

Internet Explorer 8 – People Still Love It, But There’s a Problem

This type of issue with a browser is so damaging because computer hackers who take advantage of it, can execute…

ARTICLES

Hackers May Just Look to Embarrass You

When you think about electronic security, what comes to mind? Do you consider how vulnerable your customer credit cards are,…

ARTICLES

How to Use Process Tracking Events in the Windows Security Log

I think one of the most underutilized features of Windows Auditing and the Security Log are Process Tracking events. In…

ARTICLES

Do Hackers Fear U.S. Jails?

In what should only be considered a victory for the U.S. DOJ, 2 of the 4 alleged Subway hackers responsible…

ARTICLES

Threatscape 2012 – Prevent, Detect, Correct

The past year has been a hair-raising series of IT security breakdowns and headlining events reaching as high as RSA…

ARTICLES

Subtraction, Multiplication, Division and Task Unification through SIEM and Log Management

When we originally conceived the idea of SIEM and log management solution for IT managers many years ago, it was…

ARTICLES

Virtualization Security What are the Real World Risks

There’s been a lot of recent hype about security risks with the rise of virtualization, but much of it is…

ARTICLES

Security Logging as a Detective and Deterrent Control Against Rogue Admins

Intrusion detection and compliance are the focus of log management, SIEM and security logging. But security logs, when managed correctly…

ARTICLES

Logging for HIPAA Part 2; Secure auditing in Linux

HIPAA Logging HOWTO, Part 2 The Health Insurance Portability and Accountability Act of 1996 (HIPAA) outlines relevant security and privacy…

ARTICLES

Sustainable vs. Situational Values

I am often asked that if Log Management is so important to the modern IT department, then how come more…

ARTICLES

Logs vs Bots and Malware Today

Despite the fact that security industry has been fighting malicious software – viruses, worms, spyware, bots and other malware since…

ARTICLES

MSSP /SaaS /Cloud Computing – Confused? I know I am

There is a lot of discussion around Security MSSPs, SaaS (Security as a Service) and Cloud Computing these days. I…

ARTICLES

SIEM: Security, Incident AND Event MANAGEMENT, not Monitoring!

Unfortunately, IT is not perfect; nothing in our world can be. Compounding the inevitable failures and weaknesses in any system…

ARTICLES

Why are Workstation Security Logs so Important?

No one needs to be convinced that monitoring Domain Controller security logs is important; member servers are equally as important:…

ARTICLES

The Key Difference between “Account Logon” and “Logon/Logoff” Events in the Windows Security Log

An area of audit logging that is often confusing is the difference between two categories in the Windows security log:…

ARTICLES

The Art of Detecting Malicious Activity with Logs

Randy Franklin Smith compares methods for detecting malicious activity from logs including monitoring for high impact changes, setting up tripwires…

ARTICLES

Logs for Insider Abuse Investigations

In most previous newsletters, we have discussed the use of logging for various regulatory mandates (such as PCI DSS, HIPAA…

ARTICLES

Detecting Zeus, Logging for incident response, and more

Preparing the Infrastructure From all the uses for log data across the spectrum of security, compliance, and operations, using logs…

ARTICLES

5 cyber security myths, the importance of time synchronization, and more

Time won't give me time: The importance of time synchronization for Log Management

ARTICLES

100 Log Management uses #29 Detecting XSS attacks

The number 1 vulnerability on the OWASP list is cross site scripting or XSS. XSS seems to have replaced SQL…

ARTICLES

The EPS Myth

Often when I engage with a prospect their first question is “How many events per second (EPS) can EventTracker handle?”…

ARTICLES

The 5 W’s of Security Management

The 5 W’s of security management I’ve seen it happen about a thousand times if I’ve seen it once. A…