Insights

Why Adopt the Shared Responsibility Model in Your SecOps?

A shared responsibility model helps reduce potential gaps in security coverage for organizations by clearly defining security processes, roles, and…

5 Habits of Highly Effective Threat Hunters

What is threat hunting and how does proactive threat hunting differ from traditional threat response efforts? Watch this video to…

Anatomy of a Modern Attack

Delve into the various routes threat actors take to gain unauthorized access to an organization and navigate compromised environments to…

CyberEdge’s 2023: Threat Defense Report – Key Insights You Need to Know

This webinar is on the Key Insights from CyberEdge’s 2023 Cyberthreat Defense Report (CDR). As the standard for assessing organizations’…

TOOLS

Cybersecurity Maturity Model Assessment

Use this cybersecurity maturity model assessment to see where you stack up against cyber threats and get a roadmap to…

Align Your Cybersecurity Posture to Your Cyber-Risk Tolerance

Your business’s IT network is constantly connected to the Internet, includes countless SaaS applications and API connections, and is accessed…

What is Zero Trust Architecture?

What is zero trust architecture? Why has it grown in popularity? How has this changed the way we allow users…

DIY SIEM vs. Managed XDR

Discover how to relieve the frustration from a Do-it-Yourself SIEM by implementing Managed XDR services.

2023 Cyberthreat Defense Report

CyberEdge’s 2023 Cyberthreat Defense Report (CDR) has become the standard for assessing organizations’ security posture, for gauging perceptions of IT…

Too small to be Hacked?

Don’t believe the fallacy that SMB businesses are too small to be hacked. Watch this short video to find out…

Cybersecurity and Compliance for Altamaha Bank & Trust

Cybersecurity and Compliance for Altamaha Bank & Trust A community bank with $ 150 million in assets services customers with…

Cybersecurity for IT Managed Service Provider (MSP)

Cybersecurity for IT Managed Service Provider (MSP) With more than 35 years in the business, this Managed Service Provider (MSP)…

Navigating Your Managed Cybersecurity Options

If you’re aiming to improve your organization’s threat detection and incident response (TDIR) capabilities, I’m willing to bet you’re annoyed…

MSPs Delivering Better Faster Incident Response

In this episode of the Partnering for Cybersecurity Success webinar series, we talk about the common struggles with cybersecurity incident…

2023 MDR Buyer’s Guide

Understand the fundamental differences in Managed Detection and Response vendors. The MDR market is plagued by a loose definition, by both…

Managed SIEM Buyer’s Guide

As a trusted provider of SIEM – both services and software – Netsurion has produced the Managed SIEM Buyer’s Guide…

What Security Improvements Can I Make to Help my Security Team?

Did you know there are a number of steps you can take to improve security and help out your security…

What is Kovter and How can it be Prevented?

Kovter is malware that has evolved over time and is most recently known for click fraud. It is a malicious,…

What to Expect from Your SOC-as-a-Service

Are you experiencing a shrinking IT budget and a shortage of cybersecurity experts? Building and retaining a 24/7 SOC team…

Today’s Cybersecurity Isn’t as Secure as You Think

Today’s Cybersecurity Isn’t as Secure as You Think Companies try to prevent attackers from getting into their systems with the…

How SMBs are Dealing with Cybersecurity Threats in 2019?

How SMBs are Dealing with Cybersecurity Threats in 2019? Small and medium-size (SMBs) have been the target of cyber attacks…

Protecting MSPs from Cyber Attacks

Protecting MSPs from Cyber Attacks View insights on why Managed Service Providers (MSPs) are being targeted by adversaries so you…

SMB Cyber Risk Today

SMB Cyber Risk Today Protecting a business’ IT infrastructure and data can be difficult with the abundance of threats out…

Technology is Just The Tip of The Iceberg

Technology is Just The Tip of The Iceberg SIEM (Security Information and Event Management) is foundational along with other technologies.…

The Cost of Doing Nothing

The Cost of Doing Nothing The cost of doing nothing can be greater than the cost of protecting your business.

October is National Cybersecurity Awareness Month

Being “cyber secure” is not for the faint of heart. As part of National Cybersecurity Awareness Month, we are counting…

What Are the Five Worst Practices for AWS Account Safety?

When an AWS account experiences a security breach, we generally see that the reason for the breach is similar to…

SOC-as-a-Service for Business Information Solutions

SOC-as-a-Service for Business Information Solutions Business Information Solutions (BIS) is a full-service IT support company specializing in comprehensive IT solutions…

Co-managed SIEM for an Insurance Company

Co-managed SIEM for an Insurance Company This U.S. based insurance company has 55+ years of experience supporting agents and clients…

Incident Response: Whose Job is It?

Effective Incident Response (IR) always involves the IT security professionals who know their business and cybersecurity posture best. But whose…

What is Cobalt Strike and How Does It Work?

What is Cobalt Strike and how does it work? Cobalt strike is a weaponized software that deploys a difficult-to-detect beacon…

Six Proactive Steps to Expand Attack Surface Coverage

Organizations use 40+ products and IT tools on average to manage networks, SaaS applications, and endpoints. This fragmented approach creates…

2022 MDR Data Quadrant Report

How does Netsurion stack up? Check out this infographic to see how cybersecurity providers ranked on customer experience, vendor capabilities,…

Reflections on Cybersecurity for 2022

As 2022 comes to an end, consider these lessons learned as we prepare for a new year of cybersecurity challenges,…

Best Practices for MSPs Offering Security Services

During our recent webinar “Ask Netsurion Anything,” our panel of experts addressed questions on topics ranging from meeting customer needs…

An MSP Security Q&A Session with Our Panel of Experts

Offering a managed cybersecurity service to your clients is tougher than it sounds. Clients expect you to handle any new…

Cybersecurity Cyber Crime in 2023: What MSPs Need to Know

Managed service providers face a double-edged sword in the world of cyber security and cybercrime. In May 2022, a joint…

What are the Cybersecurity Trends We Can Expect in 2023?

A.N. Ananth, Chief Strategy Officer at Netsurion, discusses 7 top trends that he sees leading the way in 2023. From…

What are the Different Types of MDR Service Providers?

Managed Detection & Response (MDR) is all the rage, and countless vendors have shown up that tout brilliant, low-effort outcomes.…

Identity is the New Endpoint

For most organizations, the network map has changed dramatically. Once organizations had a defined network perimeter that clearly distinguished “inside”…

What is Emotet and How Does It Work?

What is Emotet and how does it work? What is Emotet today? Discover how Emotet came to be and what…

Build, Buy, or Partner Your SOC

As a Managed Service Provider (MSP), your customers are constantly at risk from cyber attacks. Cyber criminals are increasingly targeting…

Five Fallacies That Are Holding Back Adoption of Threat Hunting

Organizations can no longer afford to be just reactive, relying solely on detection and response when it comes to cybersecurity.…

What is XDR?

What is XDR? How to extend the scope of monitoring beyond the endpoint.

How To Defend Against Threat Group Attacks

It’s no secret that cybersecurity threats are rising for organizations of all sizes and industries. U.S. cybersecurity authorities like the…

Practical Guide to Merchant Cybersecurity

Cybersecurity is complex enough as it is. But merchants, particularly those in the retail, restaurant, and hospitality space, are dealing…

MSSP Live 2022 Top MSP Cybersecurity Takeaway: Teamwork Makes the Dream Work

A common dedication to providing excellent client services, a driving need to enhance cybersecurity capabilities and an outstanding cyber monetization…

See Yourself in Cyber: Cybersecurity Awareness Month 2022

While cybersecurity may seem like a complex subject, ultimately, it’s really all about people. Even if you’re not a cybersecurity…

Do You Even Threat Hunt Bro?

Step up your threat hunting process without overwhelming your team. See where you sit on the Hunting Maturity Model today,…

The True Cost of Setting Up and Operating a 24×7 Security Operations Center (SOC)

Understanding the costs behind setting up and running a Security Operations Center is important to making informed decisions about how…

Four Ways MSSPs can Boost Security Speed and Readiness

As more service providers explore offering a Managed Detection and Response (MDR) solution, they may face indecision or inertia during…

What is the Difference Between Open & Native XDR?

How do you remove blind spots from siloed security tools? What is the difference between Open & Native XDR?

How to Optimize a Small IT Security Team?

Cybersecurity is an arms race. And the average business has a small, thinly stretched infosec team. Couple that with a…

Four CompTIA ChannelCon Takeaways for MSPs to Boost Cybersecurity

It was great to be back in Chicago for ChannelCon 2022. Thank you to CompTIA for their successful event, with…

How Much Does It Cost To Operate and Setup a 24×7 SOC?

What functions are covered by a modern SOC? What do you need for a fully effective SOC? What are your…

A Perfect Storm Ahead: MSSP Preparation for Economic Uncertainty

Marketplace changes are inevitable. Rapid shifts to remote work, cloud computing, and digitalization have all led to increased demand and…

What Size Security Team Do You Need?

What size security team do you need to protect against ransomware? What tasks will I need them to perform

MSPs Need Both Cybersecurity Automation and Human Expertise

The rising level of security threats and public incidents demand new approaches to people, processes, and technology that optimize manual…

Helping Enterprises of All Sizes Accelerate Their Security Journey: Introducing Our New CRO, John Addeo

Change is the only constant in the IT security space. Here at Netsurion, we strive to empower organizations to take…

Does SOC Location Matter?

Does the location of the physical SOC matter? How does the location of the security data differ, and why does…

Threat Hunting: Five Myths for MSPs to Overcome

Threat hunting is gaining traction as businesses look for more proactive methods to combat multi-stage ransomware attacks and devious “low…

What’s the Difference Between Log Management and SIEM?

What is the difference between log management and SIEM? Why are both relevant and critical to IT security, compliance, and…

Insights from the CyberEdge Cyberthreat Defense Report

CyberEdge’s 2022 Cyberthreat Defense Report (CDR) has become the standard for assessing organizations’ security posture, for gauging perceptions of IT…

Renew Focus on Web Application Security

Today’s always-on digital businesses and service providers rely on web applications and APIs to fuel growth, run eCommerce sites and…

2023 Cyberthreat Defense Report

A record 76% of IT security professionals believe their organization will be compromised by a successful cyberattack in 2023. Download…

Key Takeaways from MITRE ATT&CKcon 3.0 for Defenders

MITRE ATT&CKcon 3.0, the conference dedicated to the ATT&CK community, returned at MITRE headquarters in Virginia last month. As a…

Understanding XDR: Beyond the Buzzwords

Are you planning to modernize your cybersecurity stack to keep up with advanced cyber threats? Wondering if XDR is just…

Improve Security with a Cyber Hygiene Routine

As advanced threats continue to morph and escalate, it’s easy to gravitate towards the latest tool or “shiny object” in…

Consolidation: The Cure for Cybersecurity Vendor Sprawl

There are three cybersecurity “givens” that small-to-medium-sized businesses (SMBs) often face. One is you are not too small to be…

Ransomware Protection: Who’s Responsible for What?

Ransomware risk changed dramatically for Managed Security Service Providers (MSSPs) and their clients in 2021. The Kaseya hack used a…

Demystifying MDR: Five Myths for MSSPs

Small-to-medium-sized businesses (SMBs) are continuously seeking ways to safeguard their data and resiliency against persistent criminals through increased cyber defenses.…

Cloud and SaaS Security: Mind the Gap

Software-as-a-Service (SaaS) applications and infrastructure providers like Amazon Web Services (AWS) and Microsoft Azure have become the norm for organizations…

How to Combat the Rising Costs of Cybersecurity Insurance

Even though your business may have cybersecurity insurance, it doesn’t mean you can avoid the steps necessary to prevent bad…

MSPs Versus Ransomware in 2022: Where Multi-Layered Security Fits In

Skyrocketing ransomware threats and extortion demands show no sign of slowing down in 2022. Average ransomware demands surged by 518%…

Optimize Restaurant Cybersecurity with Real-World Best Practices

Netsurion is a key contributor along with other industry leaders who comprise the Restaurant Technology Network (RTN) Working Group. The…

MSPs: How to Add Security Services Fast and Affordably

You’ve seen it over and over again in the headlines – small subcontractors are often soft-target gateways for hacking large…

Vulnerability Management and Protection: Think Like a Hacker

Today’s modern attack surface encompasses the network, cloud, endpoints, mobile devices, and applications and is constantly under attack from well-armed…

How to Overcome Three Major Cybersecurity Budget Hurdles

Success starts with a well-planned strategic budget. Face the fear…now’s the time to plan for powerful yet practical cybersecurity.

Three Things Security Pros Do to Protect Against Ransomware?

Ransomware continues to be the number one resilience threat. It is now a proven market for cyber criminals, generating millions…

Use MITRE ATT&CK to Thwart Ransomware Faster

Ransomware has made a resurgence and is impacting both IT service providers and the businesses they serve. What if you…

Introduction to Netsurion Managed XDR

Netsurion Managed XDR solution provides the necessary synergy between people, process, and technology to truly deliver world-class cybersecurity today.

What is XDR and Does it Warrant Investment?

Over the last decade we have seen the security technology market constantly splinter into smaller categories as emerging technology and…

Ransomware Attack Through Kaseya VSA

A.N. Ananth outlines what happened with the Kaseya VSA ransomware attack, how it compares to the SolarWinds vulnerability, how Netsurion…

Consolidate Tech Stacks to Reduce Costs and Enhance Security

Frustrated by an ever changing and increasingly complex set of security solutions, mid-market organizations – and the IT service providers…

Criminal Gang NOBELIUM Ramps Up Attacks

Threat researchers detected threat group NOBELIUM conducting several waves of malicious spear phishing email campaigns. Each wave used different technical…

Why Managed Endpoint Security Eliminates Cybersecurity Blind Spots

Incomplete cybersecurity information visibility comes at a cost. Without real-time comprehensive visibility, organizations experience blind spots that handcuff your cybersecurity…

Cybersecurity and Compliance for South River Electric Membership Corporation

Cybersecurity and Compliance for South River Electric Membership Corporation South River Electric Membership Corporation, (South River EMC) is a member-owned…

What Should XDR Solutions Do for You

A.N. Ananth outlines Extended Detection and Response (XDR), its benefits, and use cases. He covers how Netsurion’s Managed Threat Protection…

Building Upon Microsoft 365’s Security Foundations

As one of the most used application suites, Microsoft (Office) 365 continues to ingrain its applications, products, and data into…

Show Your Loyal Restaurant and Retail Customers Some Love by Protecting Them and Adhering to PCI DSS Compliance

Compliance can get confusing fast. Restaurants and retail establishments have many voices talking about compliance. Most of the time, the…

MDR is a Critical Capability for MSSPs: Keys to Making the Right Choice

MSSPs need airtight threat detection and rapid, reliable remediation. The optimal way to do this is to ensure you have…

Why MSSPs are Enhancing SOC-as-a-Service

In today’s Service Provider ecosystem, SOC-as-a-Service (SOCaaS) has become an accepted model for delivering cybersecurity capabilities. Unfortunately, many SOCaaS and…

Ten Steps to Defend Your Microsoft Exchange Servers from ProxyLogon Exploit

Microsoft has detected multiple zero-day exploits being used to attack on-premises versions of Microsoft Exchange Server. According to reports, observations…

Building Trust: Four Tips for MSSPs

Customers look to Managed Security Service Providers (MSSPs) as trusted advisors in achieving digital transformation and navigating ever-evolving data security…

Lessons Learned in 2020, and Where Managed Security is Heading in 2021

This past year challenged us in novel ways and with dramatic shifts, but it also provided many lessons. While 2021…

How SOC-as-a-Service Enhances Security Operations

Faced with rising cybersecurity concerns, MSPs and mid-sized organizations are maturing their security posture beyond a network operations center and…

How CISOs are Preparing for 2021

To stay secure in the modern connected world, businesses must keep track of all emerging cybersecurity threats, no matter in…

Defend Against Insider Threats: Why They are Hard to Find & Stop

Insider threats continue to be on the rise, and are now estimated to comprise 30% of all cyber incidents. While…

Front-Line MSSPs Share 2021 Cybersecurity Predictions

In 2020, we saw digital transformation accelerate along with rising ransomware, threats caused by human error and misconfigurations, and challenges…

8 Threats to Watch for this Holiday Season

This holiday season will be like no other with the continued use of remote work, greater online sales, third-party sourcing…

3 Tips to Stretch Your Cybersecurity Dollar

Businesses are always looking for ways to deliver increased value to clients while optimizing efficiency, and this year is no…

How the Endpoint Protection Evolution is Changing Managed Detection and Response

For far too long, cybersecurity professionals have had to cobble together multiple tech tools and staff augmentation to round out…

Think Like a Hacker with MITRE ATT&CK

The threat landscape continues to accelerate, with sophisticated attacks becoming more commonplace as ransomware-as-a-service accelerates and legacy security tools fail…

Key Elements of MDR for Powerful and Practical Cybersecurity

The rise in ransomware attack volume and sophistication is a wake-up call for executives and IT departments alike. Traditional perimeter-focused…

MITRE ATT&CK for MSPs: Faster Threat Detection and Response

The MITRE ATT&CK™ framework is an ever-expanding knowledge base of known adversarial tactics and techniques that enables cyber defenders to…

Managing Billions of Logs Every Day

This paper highlights the major advantages of employing EventTracker to consolidate, correlate, and manage event log data by discussing the…

Managing The Virtualized Enterprise: New Technology, New Challenges

The benefits of employing virtualization in the corporate data center are compelling – lower operatingcosts, better resource utilization, increased availability…

Monitoring Windows Workstations Seven Important Events

Monitoring event logs from workstations provides two important benefits. Firstly, it saves money by adopting a proactive approach to supporting…

Leveraging Log Management to Provide Business Value

Despite the obvious benefits of Log Management and its increasing recognition as a critical necessity by the IT organization, Log…

Spotting the Adversary with Windows Event Log Monitoring

An introduction to collecting important Windows workstation event logs and storing them in a central location for easier searching and…

Security Beyond the Windows Event Log

Monitoring the Windows Event Log is critical because the operating system continuously monitors and logs critical security, system and application…

Top Ten Insider Threats

With companies making painful personnel and compensation choices in this poor economy, one of the impacts has been an explosion…

Managing USB Mass Storage Devices

This White Paper discusses how you can take advantage of the power of high capacity USB storage devices like thumb/flash…

Five Code RED Security Threats to Windows Servers

The purpose of this white paper is to identify and demonstrate how to detect five of the most significant security…

Choosing the Right SIEM

While there is little doubt that SIEM solutions are critical for compliance, security monitoring or IT optimization, it is getting…

5 Indicators of Endpoint Evil

With so much focus on security these days, it’s easy to imagine that IT departments are winning the battle against…

MSP Margins are Becoming Slimmer and Customers Less Loyal

As an MSP, your focus should be on developing trust, strategy, and a reliable partnership.

MSP Path to Profit with Managed Security for SMBs

With cyberattacks targeting small- to medium- size businesses (SMBs), MSPs are finding themselves at the crossroads. How do you properly…

Co-sourcing SIEM

When outsourcing isn’t an option but SIEM proficiency is beyond the internal staff ’s expertise, a hybrid approach is essential.…

Understanding MDR, EDR, EPP, and XDR

The cybersecurity industry is notorious for coining terms and acronyms that rise and fall out of favor before they even…

What is SASE, SD-WAN, and SD-Branch?

Trying to figure out what is really the difference between SASE, SD-WAN, and SD-Branch? Rest assured you are not alone. Before we…

Deepening Endpoint Security with AI and Human Intelligence

The first look at our new endpoint threat prevention capabilities integrated into EventTracker. This strategic partnership deepens Netsurion’s threat prevention…

Which SOC Approach is Best for You?

Every business–no matter its size–is a bullseye for cyber criminals. Data breaches cost an average of $3.6 million globally, according…

A Dollar of Prevention is Worth a Bitcoin of Cure

A true story of how one organization was impacted by a data breach. This executive brief shares the true story…

Maximizing Endpoint Security

There are many more endpoints than fortified servers in the data center, and they are staffed by non-technical users who…

Get Serious About Selling SMB Cybersecurity: Why and How to Sell to SMBs

More than 75% of SMBs would change MSPs if they felt they would receive better protection. Netsurion wants to help…

Dark Web Intelligence: Going Deeper Than Compromised Credentials

Threat actors are increasingly gathering across the dark web to coordinate, plan, and launch attacks, some of which can be…

Co-managed SIEM/SOC for a Healthcare Company

Co-managed SIEM/SOC for a Healthcare Company This healthcare organization has over 70 years of experience assisting hospitals and health systems.…

Co-managed SIEM for Local Government

Co-managed SIEM for Local Government This Canadian city of 100,000 has been serving its citizens for over 80 years as…

Is Your Restaurant’s Technology Optimized for the New Normal?

Amid the COVID-19 crisis, restaurants have been forced to quickly adapt to a takeout- and delivery-only model, leaving brands scrambling…

Securing Zoom Conferencing to Protect Data

Business uncertainty has led to widespread adoption of working from home. Since most meaningful tasks in any organization require teamwork,…

Deconstructing Ransomware to Protect Small and Medium Business

Ransomware is quietly persisting while other stories make headlines, and is now increasingly targeting small and medium sized business (SMBs).…

Ransomware-as-a-Service is Skyrocketing

No matter what business you are in, it’s likely you view ransomware as one of the top cyber threats today.…

Top 3 Must-Have Restaurant Technologies for Increased Takeout Business

Despite current challenges, the restaurant industry is adapting to the new reality of social distancing with creativity while doubling down…

Use VPN Properly to Support Work-from-Home Employees

With most employees working from home amid COVID-19 (coronavirus) outbreak, VPN servers have now become paramount to a company's backbone,…

Ten Work-from-Home Cybersecurity and Productivity Tips

More Work-from-Home (WFH) scenarios due to COVID-19 present challenges as employees move from a trusted and secured office network to…

Expanding Work-from-Home Increases Cybersecurity Risk

Maintaining strong cybersecurity is crucial as organizations make impromptu decisions to send more and more employees to work from home…

Leveraging MITRE ATT&CK® for Increased Cybersecurity Effectiveness

The MITRE ATT&CK® framework is an ever-expanding knowledge base of known adversarial tactics and techniques that enables cyber defenders to…

RSA Conference Key Takeaways for Cybersecurity Defenders

RSA Conference 2020 has come and gone. It still maintains its status as the largest security event in the world,…

Avoid Log Monitoring Gaps with Holistic Coverage

A data breach today takes 127 days to detect, according to the Ponemon Institute. Comprehensive visibility and real-time analysis of…

Learn Why Data Privacy is Good for Your Business

Following many high-profile data breaches, consumers have elevated data privacy to front-page news and included it as criteria for brand…

Your Roadmap from MSP to MSSP: Avoid Speedbumps and Accelerate Success

Every managed service provider (MSP) is evaluating managed security services to protect their customers and increase revenue. But how? Becoming…

2020 Predictions for the Partner Channel

In 2020, we believe cybersecurity convergence will become the difference maker. It will enable MSPs to deliver effective cyber threat…

Cybersecurity Holiday Tips

The holiday season is upon us and Netsurion is here to remind you that cybercrime doesn’t take a holiday. View…

5 Smart Ways to Thwart Login Attacks

Just like locking your front door is crucial to protect your house, monitoring account logins to organizational servers and workstations…

Cybercrime Doesn’t Take a Holiday

The holidays are a busy time for most business owners as they ramp up to serve consumers excited to find…

Five Things to Consider for Point-of-Sale Cellular Failover Connectivity

If a multi-location business is looking for cellular failover connectivity to ensure business continuity in the event of a blackout…

7 Steps to Better Website Security for National Cybersecurity Awareness Month

Threats and threat actors continue to evolve and morph, creating advanced and even more dangerous tactics to mitigate. October is…

Is the ELK Stack a SIEM?

The ELK (Elasticsearch, Logstash, Kibana) stack is a popular open source log analysis and management platform. The collection, processing, normalization,…

Best Practices to Halt Insider Threats

While nation-state threat actors and external hackers often garner the headlines, insider threats are an often-overlooked threat vector. Rockwell-Boeing, Anthem…

When Digital Transformation Equals Digital Disruption

The retail industry has come a long way during the last decade. Online ordering, in-store beacon technology, cloud POS, omnichannel retail…

Coordinated Ransomware Attacks Hit Resource-Constrained Municipalities

A financially motivated ransomware gang hit 23 local governments in Texas in a coordinated attack. Ransomware is a type of…

Black Hat Recap: Cybersecurity Insights That Enhance Security Operations

Black Hat 2019 was a learning experience and success for all. All of the hackers, presenters, vendors, and attendees have…

Mitigate Software Supply Chain Attacks with SIEM and EDR

At Black Hat 2019, Eric Doerr, GM of the Microsoft Security Response Center, reminded attendees of the interconnectedness of enterprise…

7 Things IT Pros Should Know about HIPAA and Protecting Patient Data

It has grown more challenging to protect patient privacy and secure sensitive data under HIPAA (Health Insurance Portability and Accountability…

IT Security: How Much Should You Spend?

Just how much should you be spending on IT Security? It’s a vexing question to answer for many reasons as…

MSPs are Under Attack: Keep Your Company and Your Customers Out of the Headlines

MSPs of all sizes are under constant threat from hackers trying to access end-customer systems. The biggest surprise is that…

Windows 7 Migration: A Reboot on Cybersecurity

Windows 7 is dead in January 2020. Fact is, the battle has shifted to the endpoint because there are more…

7 Questions Answered About Windows 7 End-of-Support

Is your organization still using Windows 7? Microsoft support is coming to a close in a few short months. If…

3 keys to Powerful Yet Practical Cybersecurity

The cybersecurity market is certainly not short on over-hyped tools designed to solve a specific threat vector. But what is…

3 Do’s and 1 Don’t to Improve Your IT Security

Overwhelmed by the hype from security vendors in overdrive? Notice the innovation and trends and feel like jumping on the…

Protecting Legal Data: 3 Ways MSPs Can Enhance Cybersecurity

The legal world is centered on offering clients protection—and in the current technology environment, that extends to cybersecurity. With the…

The Four Elements that Build a Better SD-WAN for Retail

Building a better branch network for retailers is not necessarily rocket science. At least, it doesn’t have to be. The…

How to Protect Financial Data: 4 Cyber Risks MSPs Can’t Ignore

Banks have always been a prime target for cybercriminals. With enormous stores of cash and consumer data, and the massive…

Protecting Managed Service Providers from Cyber Attacks

As a Managed Service Provider (MSP) offering IT infrastructure and end-user systems, your clients rely on you with their valuable…

How to Justify EDR with Three Top Business Cases

Increasing complexity and frequency of attacks have escalated the need for detection of attacks and incident response. Endpoints are the…

How to Protect Healthcare Data: 5 Cybersecurity Tips for MSPs

For MSPs serving clients in the healthcare industry, protecting data can be complex. With compliance enforcement like HIPAA , for…

Has Your Revenue Growth Slowed?

Shrinking opportunity, increased price pressure, difficulty getting meetings with prospects.the list goes on. Join Netsurion and David Stelzl, author of…

SIEMpocalypse?

Did you know that Microsoft is a security vendor? No, it’s true. For years, the company was hammered by negative…

SIEM Worst Practices: How To Sidestep Common Mistakes and Unlock SIEM’s True Potential

Netsurion’s Chief Strategy Officer A.N. Ananth joins Holger Schultze, CEO at Cybersecurity Insiders, outline Security Information and Event Management (SIEM)…

What is EDR and Why It is Critical to SMB Security?

Over 7 billion global devices in an always on and continuously connected world create a soft target for today’s attacker.…

What is SIEM and Why Is It Important?

Ever heard of Security Information and Event Management (SIEM)? Watch this brief video to learn more about SIEM and why…

Understanding the Cybersecurity Landscape

Proper cybersecurity includes controls to prevent, detect, and respond to cyber threats. This multi-layer cybersecurity strategy to protect your business…

5-Minute Guide to SD-WAN, MPLS, SD-Branch, NGFW, and More

The networking market is loaded with ambiguous buzzwords and competing acronyms that make it difficult to clearly distinguish one capability…

Five Takeaways from the 2019 SIEM Study

We recently released the findings of the Security Information and Event Management (SIEM) study conducted by Cybersecurity Insights. The study…

Practical Ways to Implement Threat Hunting

If you think your organization is too small to be targeted by threat actors, think again. Over 60% of organizations…

New to SD-Branch? 8 Things Retail IT Pros Need to Know.

The complexities and costs of IT network management and security in retail stores has reached a breaking point. Today’s retail…

Cybersecurity War Stories:
Bad Guys and Good Guys Both Represent a Risk to MSPs and their Clients

Cybercriminals are not using traditional attack methods to invade your systems, so you can’t use traditional cybersecurity defense to stop…

Is a Business Really Protected or is it Home Alone: Prevent, Detect, and Respond for True Security

Protecting a business’ IT infrastructure and data can be difficult with the abundance of threats out there, the array of…

Cybersecurity Trends and Predictions 2019

The year 2018 saw ransomware families such as CryptoLocker and variants like Locky continue to plague organizations as cybersecurity adversaries…

Top Ten Branch Network Predictions for 2019

It’s that time of the year again! Family and office holiday parties are gearing up, business projects are racing toward…

Buy, Rent, or Uber Your Security Operations Center

For cyber criminals, everyone’s a target. We must assume that, at some point, every organization’s IT infrastructure will be breached.…

Why a Co-Managed SIEM?

In simpler times, security technology approaches were clearly defined and primarily based on prevention with things like firewalls, anti-virus, web, and…

Should You Replace Your MPLS with SD-WAN?

Many IT leaders are excited about the benefits of SD-WAN such as cost reduction, agility/flexibility, ease of deployment, and the…

Accelerate Your Time-to-Value with Security Monitoring

A hot trend in the Managed Service Provider (MSP) space is emerging, transforming from an MSP to a Managed Security…

Big Data or Smart Questions for Effective Threat Hunting

Advances in data analytics and increased connectivity have merged to create a powerful platform for change. Today, people, objects, and…

Master the Art of Selling Managed Security Services as an MSP

When it comes to selling security, one of the major challenges faced by managed services providers (MSPs) is changing the…

Bracing for the Tidal Wave of Data Privacy Compliance in America

Ignorance is not bliss. As discussed in the webcast, Data Privacy Compliance in America is changing rapidly. Staying ignorant of…

Three Causes of Incident Response Failure

Breaches continue to be reported at a dizzying pace. In 2018 alone, a diverse range of companies — including Best…

Venom Vulnerability exposes most Data Centers to Cyber Attacks

Just after a new security vulnerability surfaced Wednesday, many tech outlets started comparing it with HeartBleed, the serious security glitch…

Implementing a Central Log Collection System

Implement a Central Collection System Microsoft has made some considerable changes to event management in Windows Vista. But are these…

Pay Attention to System Security Access Events

There are five different ways you can log on in Windows called “logon types.” The Windows Security Log lists the…

Tracking removable storage with the Windows Security Log

With data breaches and Snowden-like information grabs, I’m getting increased requests for how to track data moving to and from…

5 types of DNS attacks and how to detect them

DNS is an attractive mechanism for performing malicious activities like network reconnaissance, malware downloads, or communication with their command and…

The Ultimate Playbook to Become an MSSP

Now that advanced cybersecurity protections are a must-have in today’s landscape, organizations of all sizes are increasingly seeking out and…

From POS Reseller to Managed Service Provider

Retail IT service providers are being asked over and over to do more for their customers, and the opportunity for…

Future-Proof Your Failover Solution

The cost of network downtime or failing internet connectivity has never been higher due to incidents resulting in million-dollar losses…

Top 3 Microsoft 365 Security Concerns and What to do About Them

Microsoft 365 is immensely popular across all industry verticals in the small-to-medium-sized business (SMB) space. It is often the killer app…

The Bite Behind the Bark: Enforcement Power of GDPR

There’s an old saying: Their bark is worse than their bite. However, this is not the case with the penalties…

Today’s CISO Challenges – The Talent Gap

It continues to be challenging being a Chief Information Security Officer (CISO) today – and this year promises no rest.…

GDPR-Five Things You Should Know

GDPR is the biggest change in 20 years for European data security. All EU-based or multi-national companies must comply, but…

Do you have a cyber blind spot?

What's the cost of securing your network from a cyber attack? According to Precision Analytics and The CAP Group, many…

PCI Compliance and Hotels

To streamline operations, improve service and remain competitive, hotels use computers to handle numerous tasks. While automation facilitates hotel operations…

Time is money. Downtime is loss of money.

The technological revolution has introduced a plethora of advanced solutions to help identify and stop intrusions. There is no shortage of…

Cybersecurity is an Investment, Not a Cost Center

The cybersecurity threat landscape is in constant motion – ever evolving. According to Kaspersky Labs, 323,000 new malware strains are…

How to Protect Your Network from Ransomware Tips from the FBI

The FBI estimates that more than 4,000 ransomware attacks have occurred daily since the beginning of 2016. That’s a 300% increase from the…

The Difference Between a SIEM Solution and SIEM Tool: Features vs. Outcomes

Can you simply buy a “SIEM solution”? Turns out you really cannot, no matter how hard you try nor how…

Catch Malware Hiding in WMI with Sysmon

Security is an ever-escalating arms race. The good guys have gotten better about monitoring the file system for artifacts of…

Looking for Cost-Effective Business Continuity? Consider these five things before you buy.

One of the key benefits for most businesses deploying SD-WAN is the reduction in WAN costs by up to 80…

Host-based Versus Network-based Security

The argument is an old one; are you better off with a network-based detector, assuming all hosts will eventually communicate,…

The Top Considerations When Buying a 4G LTE Router

More and more businesses are adopting 4G LTE either to set up a backup network connection or to gain internet…

A Day in the Life of Your Website

We spun up a dummy website to conduct an experiment on website cybersecurity. The results were very interesting. In less…

For of all sad words of tongue or pen, the saddest are these: ‘We weren’t logging’

It doesn't rhyme and it's not what Whittier said but it's true. If you don't log it when it happens,…

Once More Unto the Data (Breach), Dear Friends

As I reflect on this year, a Shakespearean quote plays out in my mind – when King Henry the Fifth…

Emotet – A Tale of Two Cities: How One Municipality Neutralized the Threat Quickly

The Emotet virus has crippled Allentown, PA and is expected to cost an estimated $1 million dollars to fix the…

Changes to PCI DSS v3.2 and What It Means for You

Are you compliant with PCI DSS Version 3.2? Restaurants, retailers, hotels, doctors’ and lawyers’ offices, and many more, all need…

True Cost of Data Breaches

The Cisco Annual Cybersecurity Report provides insights based on threat intelligence gathered by Cisco's security experts, combined with input from…

Let’s Go Threat Hunting: Gain Visibility and Insight into Potential Threats and Risks

As the threat landscape continues to evolve mere protection, however diligent, is not practical to defend against threats. Adversaries are…

The Perimeter is Dead: Long-live the Perimeter

In 2005, the Department of Homeland Security commissioned Livermore National Labs to produce a kind of pre-emptive post-mortem report.

Advanced Threat Protection for SMBs

Learn why firewalls, anti-virus, and anti-malware alone may not be enough to secure your business from the ever-evolving threat landscape. We…

Creating a Healthcare Cybersecurity Battle Plan

A good security plan can be overwhelming at first, but with the right knowledge and expertise, it can be simplified…

POS Ransomware – Imagine the Impact

What can be done to truly protect a business? Go beyond bare-bones security regulatory compliance by implementing security measures to…

WannaCry Ransomware Webinar

Is it over? Will it happen again? – How it spreads – What it does – Technical details – What…

How does EMV and P2PE impact PCI compliance?

Cybersecurity is complex enough as it is. But to compound the issue, merchant businesses in the retail, restaurant, and hospitality…

Cybersecurity is Not Rocket Science

The word cybersecurity can seem daunting and bring to mind images of costly software and hardware needed to protect your…

Financial Cybersecurity Under Attack

It’s no secret that the financial industry is under attack. If we learn by recent examples, we know that technology…

PCI DSS Compliance

We all hear it over and over again: complying with data protection requirements is expensive. But did you know that…

Changes to PCI DSS and What It Means for You

Are you compliant with PCI DSS Version 3.2? Restaurants, retailers, hotels, doctors' and lawyers' offices, and many more, all need to…

Can your Cybersecurity Posture be Called “Reactive Chaos”?

Does this sound familiar? You have no control of your environment and most of your efforts are diverted into understanding…

3-Minute Breakdown of Cybersecurity’s Biggest Buzzwords

The cybersecurity market is loaded with ambiguous buzzwords and competing acronyms that make it very difficult to clearly distinguish one…

Security Signals Everywhere: Finding the Real Crisis in a World of Noise

Imagine dealing with a silent, but mentally grating barrage of security alerts every day. The security analyst’s dilemma?

Believe it or not, compliance saves you money

We all hear it over and over again: complying with data protection requirements is expensive. But did you know that…

What You Don’t Know Can Hurt You: Three InfoSec Retail Predictions

It has been a turbulent year for industry as a whole, and retail has been in the center of the…

Attribution of an attack – don’t waste time on empty calories

When we are attacked, we feel a sense of outrage and the natural tendency is to want to somehow punish…

Going Mining for Bitcoin

While you’ve been busy defending against ransomware, the bad guys have been scheming about new ways to steal from you.…

Prevention is Key in Cybersecurity

A lot of data, an overwhelming amount actually, is available from hundreds of sources, but rarely is it observed. Having…

Experimenting with Windows Security: Controls for Enforcing Policies

Interest continues to build around pass-the-hash and related credential artifact attacks, like those made easy by Mimikatz. The main focus…

SIEM, UEBA, SOAR and Your Cybersecurity Arsenal

The evolution of Security Information and Event Management (SIEM) solutions has made a few key shifts over time. It started…

You’re in the Cybersecurity Fight No Matter What: Are You Prepared?

“You’re in the fight, whether you thought you were or not”, Gen. Mike Hayden, former Director of the CIA and NSA.…

Make a cybersecurity list and check it twice this holiday season

As the holidays swiftly approach, many of us are making lists and plans as part of the crescendo of year-end…

The “Bumper-to-Bumper” Security Solution of POS Systems?

When Point-to-point encryption (P2PE) was standardized by the PCI Security Standards Council, many thought it would become the be-all end-all…

Which security functions outsource poorly and which outsource well

The IT security industry’s skill shortage is a well-worn topic. Survey after survey indicates that a lack of skilled personnel…

Avoid Three Common Active Directory Security Pitfalls

While the threats have changed over the past decade, the way systems and networks are managed have not. We continue…

A haunting tale, just in time for the fall: Don’t let what happened to them, happen to you

The old Haunted Hotel with squeaky wood floors, welcomed all guests who dared enter the front doors. Guests arrived from…

Three myths surrounding cybersecurity

A common dysfunction in many companies is the disconnect between the CISO, who views cybersecurity as an everyday priority, versus…

Report All the Binary Code Executing on Your Network with Sysmon Event IDs

Computers do what they are told, whether good or bad. One of the best ways to detect intrusions is to…

Can general purpose tools work for IT security?

This post got me thinking about a recent conversation I had with the CISO of a financial company. He commented…

Malware, Ransomware, and the Next Big Threat

Imagine the lost revenue for a major retailer if they needed to shut down all of their stores for a…

Equifax’s enduring lesson — perfect protection is not practical

Equifax, one of the big-three US credit bureaus, disclosed a major data breach. It affects 143 million individuals — mostly Americans,…

Three critical advantages of EventTracker Essentials

By now it’s accepted that SIEM is a foundational technology for both securing a network from threats as well as…

Three paradoxes disrupting IT Security

2017 has been a banner year for IT Security. The massive publicity of attacks like WannaCry have focused public attention…

Think you are too small to be hacked?

Why has ransomware exploded on to the scene in 2017? Because it works.

How do you determine IT security risk?

How much security is enough? That’s a hard question to answer. You could spend $1 or $1M on security and…

Protect Your Back-to-School Sales From POS Ransomware

Security experts believe that cybercriminals will be shifting tactics due to declining revenues from stolen credit card sales. We discuss…

Ransomware’s Next Move

While IT security teams identify, hunt, and remove specific variants of the ransomware, there may already be unknown mutated varieties…

Protecting Against Ransomware Attacks: What Every Business Needs to Know

Ransomware attack frequency is at its height as there have been more than 4,000 ransomware attacks happening each day for…

Yet Another Ransomware That Can be Immediately Detected with Process Tracking on Workstations

As I write this, yet another ransomware attack is underway. This time it’s called Petya, and it again uses SMB…

Petya Ransomware – What it is and what to do

A new ransomware variant is sweeping across the globe known as Petya. It is currently having an impact on a…

The Top Five Cyber Threats Hotel Brands and Franchisees Need to Know About

While automation facilitates hotel operations and often makes a better stay for guests, it also opens hotels to digital threats…

Perfect protection is not practical

With distressing regularity, new breaches continue to make headlines. The biggest companies, the largest institutions both private and government are…

Five Myths About Ransomware

Ransomware is a popular weapon for cyber criminals. Worldwide in 2020, there were 304 million ransomware attacks, a 62% increase…

Tips for Protecting Information While on the Go: What Summer Travelers Need to Know About Security

As the summer travel season quickly approaches, most people envision exchanging work clothes and school books for shorts, flip flops,…

Protect Your Business from Ransomware

As the second iteration of the WannaCry ransomware impacting IT infrastructure around the globe is expected, we want to arm…

Challenges with Threat Intelligence or why a Honeynet is a good idea

Shared threat intelligence is an attractive concept. The good guys share experiences about what the bad guys are doing thereby…

When a SIEM is Like an Exercise Machine Stuck Behind the Junk in Your Garage

I’m a big believer in security analytics and detective controls in general. At least sometimes, bad guys are going to…

5 Security Tips for Small and Multi-location Tax and Accounting Firms: Tax Season and Beyond

Tax season is a busy time of year for hackers, given the ample opportunities to steal personal and financial information…

Essential soft skills for cybersecurity success

IT workers in general, but more so IT Security professionals, pride themselves on their technical skills. Keeping abreast of the…

Who suffers more – cybercrime victims or cybersecurity professionals?

So you got hit by a data breach, an all too common occurrence in today’s security environment. Who gets hit?…

Top three high risk behaviors that compromise IT Security

The insider threat is typically much more infrequent than external attacks, but they usually pose a much higher severity of risk…

Ransomware is only getting started

Ransomware is about denying you access to your data via encryption. But that denial has to be of a great…

Foster a Healthy Security Posture

Securing medical records is a complex undertaking. Healthcare organizations need an array of security technologies that can be used to…

EventTracker Enterprise and the Cyber Kill Chain

Defense strategies that focus exclusively on the perimeter and on prevention do not take into account the kill chain life…

Your Voice for SMB Compliance Pains

We believe that every business should have the means to protect themselves and their customers from cyberattacks, and the PCI…

‘Twas the Night Before Christmas – an EventTracker Story

‘Twas the night before Christmas and all through HQ Not a creature was stirring, except greedy Lou – An insider…

Compliance is not a proxy for due care

Regulatory compliance is a necessary step for IT leaders, but it’s not sufficient enough to reduce residual IT security risk to tolerable…

May Your Holidays be Merry, Bright, and Hack Free: Security Tips for the Biggest Shopping Season

Though there are many companies out there responsible for securing merchant locations from the risks of data breaches, people’s own…

Serving up Security: What Restaurants Need to Know about Breach Risks and Prevention

Sure, the headlines have been wrought with healthcare ransomware stories, election-centric email breaches, and massive retail hacks—but restaurants are becoming…

Work Smarter – Not Harder: Use Internal Honeynets to Detect Bad Guys Instead of Just Chasing False Positives

Log collection, SIEM and security monitoring are the journey not the destination. Unfortunately, the destination is often a false positive. …

How To Make Cybersecurity Great Again: Guidance For President-Elect Donald Trump

Are you feverishly working to patch your systems today with the latest available patches? Or are you spending your time…

How the EventTracker/Netsurion merger will bring you more powerful cybersecurity solutions

We are delighted that EventTracker is now part of the Netsurion family. On October 13, 2016 we announced our merger…

A Day in the Life of a Consumer

Years ago, in a data security nightmare not so far away…I found out how quickly a brand could change from…

Tracking Physical Presence with the Windows Security Log

How do you figure out when someone was actually logged onto their PC? The data is there in the security…

Key takeaways from the presidential debate on cybersecurity.

?The presidential debate, as entertaining as it was for many, was a great place to hear about the focus needed…

IT Service Providers: Mind the Security Gap

Persistent threats affecting businesses of all sizes and in all verticals are becoming more consistent and hitting more frequently. The…

Are there any weaknesses in your Point-of-Sale System?

News about a company being breached seems to be a regular occurrence nowadays. And it’s no wonder, with hackers getting…

Demystifying PCI Compliance

PCI compliance: that daunting phrase you always hear in the world of payments…but never truly understand. Well we’re here to…

What is privilege escalation and why should you care?

A common hacking method is to steal information by first gaining lower-level access to your network. This can happen in…

Monitoring DNS Traffic for Security Threats

Cyber criminals are constantly developing increasingly sophisticated and dangerous malware programs. Statistics for the first quarter of 2016 compared to…

RetailNOW Recap 2016: Security Top of Mind for Attendees

The event, aimed at connecting the point-of-sale (POS) technology ecosystem, was extremely successful because it gave us the perfect platform…

How to control and detect users logging onto unauthorized computers

Windows gives you several ways to control which computers can be logged onto with a given account. Leveraging these features…

POS VARs – Don’t be a Target!

When business owners start looking at Point-of-Sale (POS) systems, they may feel overwhelmed at the infinite amount of options they…

Is your brand truly secured?

So you have a big brand name that millions of consumers trust. You have hundreds to thousands of locations across…

7 ways you can prevent credit card fraud when shopping!

We know how tempting those summer sales are! But are you being careful on where you are swiping your card?

Idea to retire: Do more with less

Ideas to Retire is a TechTank series of blog posts that identify outdated practices in public sector IT management and…

Detect Persistent Threats on a Budget

There’s a wealth of intelligence available in your DNS logs that can help you detect persistent threats. So how can…

Do you know where your data is?

In this fifth article of the series, we continue to explore the basic ways businesses can keep their networks safer.…

Dirty truths your SIEM vendor won’t tell you

Analytics is an essential component of a modern SIEM solution. The ability to crunch large volumes of log and security…

Are you guilty of any of these PCI myths?

We have gathered what have been common comments that we hear from business owners. And today, we would like to…

Should I be doing EDR? Why isn’t anti-virus enough anymore?

Detecting virus signatures is so last year. Creating a virus with a unique signature or hash is quite literally child’s…

What you should know about programs, ports and services

In this fourth article in the series, we continue to explore some of the basic ways that business of all…

Uncover C&C traffic to nip malware

In a recent webinar, we demonstrated techniques by which EventTracker monitors DNS logs to uncover attempts by malware to communicate…

7 things you need to know about Anti-Virus protection.

In this entry we discuss the topic of anti-virus protection. There are many questions that come up when we talk…

The Perils of Using Remote Access Software

While software that can be installed on your PC and used to remotely connect when you are away from your…

Maximize your SIEM ROI

Far too many SIEM implementations are considered to be catastrophes. Having implemented hundreds of such projects, here are the three…

Why is patching important to the security of your business?

If you are not keeping up with regular patching of your computer and the programs that run on it –…

Detecting Ransomware: The Same as Detecting Any Kind of Malware?

Ransomware burst onto the scene with high profile attacks against hospitals, law firms and other organizations. What is it and…

Protecting your business from hacker’s attacks.

2016 Verizon Breach Investigations Report (Part 3 of 3) We've covered the 4 patterns of attack used by hackers, expanded…

What tools are hackers using to access businesses’ networks?

2016 Verizon Breach Investigations Report (Part 2 of 3) In our previous post we showed you that regardless of the…

Research points to SIEM-as-a-Service

SC Magazine released the results of a research survey focused on the rising acceptance of SIEM-as-a-Service for the small and…

Is your business at risk of a data breach?

2016 Verizon Breach Investigations Report (Part 1 of 3) The 80 page report is packed with valuable data breach insights.…

No Business is Too Small for Hackers!

It's National Small Business Week! Let's celebrate the hard work you do and make sure your business continues to grow.…

What you should know about PCI DSS 3.2

PCI DSS 3.2 is scheduled for release at the end of April. Have you thought about how this update can…

Welcome to the New Security World of SMB Partners

Yet another recent report confirms the obvious, that SMBs in general do not take security seriously enough. The truth is…

Your Best Defense Against Ransomware Might Be Your Employees

While your business’ data security program should consist of many components, perhaps the most effective defense to ransomware is building…

Top 3 traits of a successful Security Operations Center

Traditional areas of risk — financial risk, operational risk, geopolitical risk, risk of natural disasters — have been part of…

Just how dangerous is ransomware?

Ransomware is a business’ worst nightmare. This malware infects computers and restricts the users from accessing any of their data…

Is the IT Organizational Matrix an IT Security Problem?

Do you embrace the matrix? The fact is, once networks get to a certain size, IT organizations begin to specialize…

Cloud Security Starts at Home

Cloud security is getting attention and that’s as it should be. But before you get hung up on techie security…

Last Year’s Cyber Attack Trends — This Year’s Implications

The range of threats included trojans, worms, trojan downloaders and droppers, exploits and bots (backdoor trojans), among others. When untargeted…

Hungry…Hungry…HIPAA

I have fond memories of playing a board game called Hungry Hungry Hippos in my younger days. Today’s medical practices…

Mobile Tech in Healthcare Can Put Your Practice at Risk

While you focus on providing the best health service for your patients, it is easy to under-estimate the risks that…

Certificates and Digitally Signed Applications: A Double Edged Sword

Windows supports the digitally signing of EXEs and other application files so that you can verify the provenance of software…

Top 5 SIEM complaints

Here’s our list of the Top 5 SIEM complaints:1) We bought a security information and event management (SIEM) system, but it’s…

The Cost of False IT Security Alarms

Think about the burglar alarm systems that are common in residential neighborhoods. In the eye of the passive observer, an…

SIEM: Sprint or Marathon?

Winning a marathon requires dedication and preparation. Over long periods of time. A sprint requires intense energy but for a…

Pain-Free Data Security for Medical Offices

It’s understandable that the primary goal of any healthcare practice is to keep their patients healthy and safe. But what…

The Assume Breach Paradigm

Given today’s threat landscape, let’s acknowledge that a breach has either already occurred within our network or that it’s only…

2015: “The Year of the Healthcare Hack”

2015 was a tough year for the healthcare industry. Some are even calling 2015 “the year of the healthcare hack”.…

SIEM and Return on Security Investment (RoSI)

The traditional method for calculating standard Return on Investment (RoI) is that it equals the gain minus the cost, divided…

Shoppers Care If You’ve Been Breached!

It’s the holiday season and for many that means shopping season! But it also means that theft increases, whether it…

Diagnosing Account Lockout in Active Directory

Here we are going to look for Event ID 4740. This is the security event that is logged whenever an…

Why Do Hackers Want Your Medical Records

2015 has been a year of healthcare data breaches. But why are hackers going after healthcare records now?

Cybersecurity Professionals

As data breaches occur more and more, it is no secret that the market needs more cybersecurity professionals. Here are…

Security Subsistence Syndrome

Security Subsistence Syndrome (SSS) is defined as a mindset in an organization that believes it has no security choices and…

The Evolution of the Hacker

Technology keeps improving, as do hackers. Hackers have been around for years and years; from exploiting the vulnerabilities of telephone…

Catching Hackers Living off the Land Requires More than Just Logs

If attackers can deploy a remote administration tool (RAT) on your network, it makes it so much easier for them.…

The Ten Steps Post Data Breach

Nearly 60% of businesses have experienced a breach in the last two years. Have you ever considered what would happen…

When is an alert not an alert?

Users of the EventTracker platform know that one of its primary functions is to apply built-in knowledge to reduce the flood…

The Transition to EMV Isn’t Over

Merchants know by now that after October 1st the liability for card-present fraud will shift to whichever party is the…

How Strong Are Your Passwords? Tips To Keep You Protected

Passwords keep your accounts and network safe but may also be a gateway for hackers. Here are some quick tips…

How to Detect Low Level Permission Changes in Active Directory

We hear a lot about tracking privileged access today because privileged users like Domain Admins can do a lot of…

Find Out Who Is Affected By A Data Breach?

The number of data breaches continues to increase. Cybercrime affects your brand, your customers and your employees in ways that…

Healthcare Practices are at Particularly High Risk of Data Breach

The CDC estimates that close to 80% of office-based physicians use some form of electronic medical records. This increase, coupled…

The Impact Of A Data Breach

What is the true cost of a data breach? A data breach affects your business, brand, and reputation. But it…

4 Common Data Threats Every Business Needs to Be Aware Of

Four Common Data Threats

Three Indicators of Attack

For many years now, the security industry has become somewhat reliant on ‘indicators of compromise’ (IoC) to act as clues…

Are You Listening to Your Endpoints?

There’s plenty of interest in all kinds of advanced security technologies like threat intelligence, strong/dynamic authentication, data loss prevention and…

The Detection Deficit

The gap between the ‘time to compromise’ and the ‘time to discover’ is the detection deficit. According to Verizon DBIR,…

Netsurion Defense Against Backoff

In the wake of BackOff, and numerous other data breaches, consumers are demanding answers into the how and why surrounding…

User Location Affinity

It’s clear that we are now working under the assumption of a breach. The challenge is to find the attacker…

Wireless Security for Business

In today’s business world, a major draw for many customers is the ability to stay connected while outside the office.…

How to shoot yourself in the foot with SIEM

Six ways to shoot yourself with SIEM technology: 1) Dont plan; just jump in 2) Have no defined scope or…

Five quick wins to reduce exposure to insider threats

A data breach has serious consequences both directly and indirectly. Lost revenue and a tarnished brand reputation both inflict harm…

Secure, Usable, Cheap: Pick any two

This fundamental tradeoff between security, usability, and cost is critical. Yes, it is possible to have both security and usability,…

Six Simple Rules For Safe Credit Card Handling

It is becoming more and more frequent to read about electronic data breaches in the news these days. Unfortunately, what…

Four Key Steps to Rapid Incident Response

Is it possible to avoid security breaches? Judging from recent headlines, probably not. Victims range from startups like Kreditech, to…

Death by a Thousand cuts

You may recall that back in 2012, then Secretary of Defense Leon Panetta warned of “a cyber Pearl Harbor; an attack…

Enriching Event Log Monitoring by Correlating Non Event Security Information

Sometimes we get hung up on event monitoring and forget about the “I” in SIEM which stands for information. Not…

Make Your Wireless Work For You

Whether we are talking about shoppers being students, families, or business execs, having the ability to interact with your guests…

Threat Intelligence and The Pyramid of Pain

There is great interest among security technology and service providers about the intersection of global threat intelligence with local observations in…

Every Merchant Needs Electronic Data Protection

How many days go by between news stories involving computer breaches? The truth of the matter is that as long…

What good is Threat Intelligence integration in a SIEM?

Bad actors/actions are more and more prevalent on the Internet. Who are they? What are they up to? Are they prowling…

Why Naming Conventions are Important to Log Monitoring

Log monitoring is difficult for many reasons. For one thing there are not many events that unquestionably indicate an intrusion…

Why Risk Classification is Important

Traditional threat models posit that it is necessary to protect against all attacks. While this may be true for a…

State Sponsored Hacking – More Than an Issue for Sony

We live in a brave new world where the spies of yesteryear, like James Bond and Jason Bourne, are truly…

How many people does it take to run a SIEM?

You must have a heard light bulb jokes, for example: How many optimists does it take to screw in a…

Five Steps to Protect Retailers from Credit Card Theft

The Georgia based fast food company, Chick-fil-A, has confirmed that it is investigating a potential credit card breach. The investigation…

Are honeypots illegal?

In computer terminology, a honeypot is a computer system set to detect, deflect, or, in some manner, counteract attempts at unauthorized use…

Backoff Has Been Upgraded Harder to Detect

So when you are a hacker and you write the most successful financial transaction hacking software in history, what do…

Three key advantages for SIEM-As-A-Service

Security Information and Event Management (SIEM) technology is an essential component in a modern defense-in-depth strategy for IT Security. SIEM…

IT Community Shaken By Shellshock Vulnerabilities

In the wake of Heartbleed, comes a new form of exposure that could potentially do much more damage than any…

Top 5 Linux log file groups in/var/log

If you manage any Linux machines, it is essential that you know where the log files are located, and what…

PCI 3.0 – A Wake Up Call for SAQ C Merchants

Most merchants who have been validating their PCI compliance for a few years now probably know which SAQ type applies…

Backoff Is the New Standard by Which Other Malware Will Be Judged

Every now and then hackers develop a piece of malware that is so insidious that it changes the landscape of…

Case of the Disappearing Objects: How to Audit Who Deleted What in Active Directory

I often get asked how to audit the deletion of objects in Active Directory. It’s pretty easy to do this…

SIEM and Return on Investment: Four Pillars for Success

Return on investment (ROI) – it is the Achilles heel of IT management. Nobody minds spending money to avoid costs,…

The 5 stages of SIEM Implementation

Are you familiar with the Kübler-Ross 5 Stages of Grief model? SIEM implementation (and indeed most enterprise software installations) bear a striking resemblance.

Top 6 uses for SIEM

Security Information and Event Management (SIEM) is a term coined by Gartner in 2005 to describe technology used to monitor…

How to analyze login and pre-authentication failures for Windows Server 2003 R2 and below

Analyzing all the login and pre-authentication failures within your organization can be tedious. There are thousands of login failures generated…

Netsurion services and OpenSSL the Heartbleed issue

Many of our customers and resellers have asked how Heartbleed affected Netsurion services. In a nutshell, the managed services that…

Will CIOs Be the Final Victim After a Breach

In the wake of their breach, Target announced on March 5, 2014 that their CIO, Beth Jacob was announcing her…

Monitoring File Permission Changes with the Windows Security Log

Unstructured data access governance is a big compliance concern. Unstructured data is difficult to secure because there’s so much of…

There Is No Honor Among Thieves – Target Could Take Advantage of This

For the past several months, there have been numerous stories about major retailers that have been breached by hackers. The…

About the PCI Security Standards Council

The PCI Security Standards Council is an open global forum, launched in 2006, that is responsible for the development, management,…

Looking back: Operation Buckshot Yankee & agent.btz

It was the fall of 2008. A variant of a three year old relatively benign worm began infecting U.S. military…

Target Has A Bullseye On Its Chest

When Target announced that it had suffered a major breach of approximately 40 million credit cards and 70 million customer…

Why Comply with PCI Security Standards

Why should you, as a merchant, comply with the PCI Security Standards? At first glance, especially if you are a…

Christmas-Kids and Hackers Love This Time of Year

When people think of Christmas, most of them imagine family gatherings and good times. We often forget that from the…

Auditing File Shares with the Windows Security Log

Over the years, security admins have repeatedly asked me how to audit file shares in Windows. Until Windows Server 2008,…

Thieves Tried to Steal Credit Cards from Nordstrom

The department store giant garnered unwanted attention earlier this month when they announced that a Florida store fell victim to…

PCI 3.0 Is Coming – Are You Ready?

Every 3 years the Payment Card Industry Data Security Standard (PCI) is updated to a new version. The time for…

Can Your Point of Sale Be Compliant after the End of Microsoft XP?

From a PCI compliance standpoint, merchants using Windows XP will have problems maintaining compliance because they cannot keep their operating…

Does Your Call for Help Bring Hackers to Your Door?

There is a new trend facing people who rely on help desks. Hackers are targeting help desks because they know…

Following a User’s Logon Tracks throughout the Windows Domain

What security events get logged when a user logs on to their workstation with a domain account and proceeds to…

What did Ben Franklin really mean?

In the aftermath of the disclosure of the NSA program called PRISM by Edward Snowden to a reporter at The Guardian, commentators…

Balancing Privacy and Security

In the wake of the most recent terrorist bombing in Boston, it is easy to understand why some people would…

Square Cash – A Money Transfer Game Changer?

Square strives to make financial transactions simple enough so that the average person on the street can participate. Before Square,…

Using Dynamic Audit Policy to Detect Unauthorized File Access

One thing I always wished you could do in Windows auditing was mandate that access to an object be audited…

Internet Explorer 8 – People Still Love It, But There’s a Problem

This type of issue with a browser is so damaging because computer hackers who take advantage of it, can execute…

Hackers May Just Look to Embarrass You

When you think about electronic security, what comes to mind? Do you consider how vulnerable your customer credit cards are,…

How to Use Process Tracking Events in the Windows Security Log

I think one of the most underutilized features of Windows Auditing and the Security Log are Process Tracking events. In…

Do Hackers Fear U.S. Jails?

In what should only be considered a victory for the U.S. DOJ, 2 of the 4 alleged Subway hackers responsible…

Threatscape 2012 – Prevent, Detect, Correct

The past year has been a hair-raising series of IT security breakdowns and headlining events reaching as high as RSA…

Subtraction, Multiplication, Division and Task Unification through SIEM and Log Management

When we originally conceived the idea of SIEM and log management solution for IT managers many years ago, it was…

Virtualization Security What are the Real World Risks

There’s been a lot of recent hype about security risks with the rise of virtualization, but much of it is…

Security Logging as a Detective and Deterrent Control Against Rogue Admins

Intrusion detection and compliance are the focus of log management, SIEM and security logging. But security logs, when managed correctly…

Logging for HIPAA Part 2; Secure auditing in Linux

HIPAA Logging HOWTO, Part 2 The Health Insurance Portability and Accountability Act of 1996 (HIPAA) outlines relevant security and privacy…

Sustainable vs. Situational Values

I am often asked that if Log Management is so important to the modern IT department, then how come more…

Logs vs Bots and Malware Today

Despite the fact that security industry has been fighting malicious software – viruses, worms, spyware, bots and other malware since…

MSSP /SaaS /Cloud Computing – Confused? I know I am

There is a lot of discussion around Security MSSPs, SaaS (Security as a Service) and Cloud Computing these days. I…

SIEM: Security, Incident AND Event MANAGEMENT, not Monitoring!

Unfortunately, IT is not perfect; nothing in our world can be. Compounding the inevitable failures and weaknesses in any system…

Why are Workstation Security Logs so Important?

No one needs to be convinced that monitoring Domain Controller security logs is important; member servers are equally as important:…

The Key Difference between “Account Logon” and “Logon/Logoff” Events in the Windows Security Log

An area of audit logging that is often confusing is the difference between two categories in the Windows security log:…

The Art of Detecting Malicious Activity with Logs

Randy Franklin Smith compares methods for detecting malicious activity from logs including monitoring for high impact changes, setting up tripwires…

Logs for Insider Abuse Investigations

In most previous newsletters, we have discussed the use of logging for various regulatory mandates (such as PCI DSS, HIPAA…

Detecting Zeus, Logging for incident response, and more

Preparing the Infrastructure From all the uses for log data across the spectrum of security, compliance, and operations, using logs…

5 cyber security myths, the importance of time synchronization, and more

Time won't give me time: The importance of time synchronization for Log Management

100 Log Management uses #29 Detecting XSS attacks

The number 1 vulnerability on the OWASP list is cross site scripting or XSS. XSS seems to have replaced SQL…

The EPS Myth

Often when I engage with a prospect their first question is “How many events per second (EPS) can EventTracker handle?”…