Believe it or not, compliance saves you money

December 28, 2017
We all hear it over and over again: complying with data protection requirements is expensive. But did you know that the financial consequences of non-compliance can be far more expensive?

What You Don't Know Can Hurt You: Three InfoSec Retail Predictions

December 14, 2017
It has been a turbulent year for industry as a whole, and retail has been in the center of the turbulence. Amazon bought Whole Foods, grocery chains moved into new markets, and myriad players invested heavily in building digital capabilities. The catchphrase on everyone’s lips has been, “Transform the customer experience.”

Attribution of an attack - don’t waste time on empty calories

December 14, 2017
When we are attacked, we feel a sense of outrage and the natural tendency is to want to somehow punish the attacker. To do this, you must first identify the attacker, preferably accurately, or else. This is easier said than done, especially online.

Going Mining for Bitcoin

December 01, 2017
While you’ve been busy defending against ransomware, the bad guys have been scheming about new ways to steal from you. Let’s review a tactic seen in the news called bitcoin mining.

Prevention is Key in Cybersecurity

November 30, 2017
A lot of data, an overwhelming amount actually, is available from hundreds of sources, but rarely is it observed. Having something and getting value from it are entirely different.

Experimenting with Windows Security: Controls for Enforcing Policies

November 29, 2017
Interest continues to build around pass-the-hash and related credential artifact attacks, like those made easy by Mimikatz. The main focus surrounding this subject has been hardening Windows against credential attacks, cleaning up artifacts left behind, or at least detecting PtH and related attacks when they occur.

SIEM, UEBA, SOAR and Your Cybersecurity Arsenal

November 16, 2017
The evolution of Security Information and Event Management (SIEM) solutions has made a few key shifts over time. It started as simply collecting and storing logs, then morphed into correlating information with rules and alerting a team when something suspicious was happening.

You’re in the Cybersecurity Fight No Matter What: Are You Prepared?

November 07, 2017
“You’re in the fight, whether you thought you were or not”, Gen. Mike Hayden, former Director of the CIA and NSA. It may appear at first to be a scare tactic or an attempt to sow fear, uncertainty, and doubt, but truly, what this means is that it’s time to adopt the Assume Breach paradigm.

Make a cybersecurity list and check it twice this holiday season

November 06, 2017
As the holidays swiftly approach, many of us are making lists and plans as part of the crescendo of year-end activity. We don’t want to forget anything important, but is ensuring safety from cybercrime at the top of your list?

The “Bumper-to-Bumper” Security Solution of POS Systems?

November 01, 2017
When Point-to-point encryption (P2PE) was standardized by the PCI Security Standards Council, many thought it would become the be-all end-all security solution they needed. It would protect customer data and relieve some of the burden of PCI compliance on the merchant. As with anything that sounds too good to be true, proceed with caution.

Which security functions outsource poorly and which outsource well

October 26, 2017
The IT security industry’s skill shortage is a well-worn topic. Survey after survey indicates that a lack of skilled personnel is a critical factor in weak security posture. If the skills are not available in your organization then you could: a) ignore the problem and hope for the best, or b) get help from the outside.

Avoid Three Common Active Directory Security Pitfalls

October 13, 2017
While the threats have changed over the past decade, the way systems and networks are managed has not. We continue with the same operations and support paradigm, despite the fact that internal systems are compromised regularly.

A haunting tale, just in time for the fall: Don’t let what happened to them, happen to you…

October 09, 2017
The old Haunted Hotel with squeaky wood floors welcomed all guests who dared enter the front doors. Guests arrived from every nation – every corner of the world – ready to spend money and explore.

Three myths surrounding cybersecurity

October 05, 2017
A common dysfunction in many companies is the disconnect between the CISO, who views cybersecurity as an everyday priority, and top management, who may see it as a priority only when an intrusion is detected. Does your organization suffer from any of these?

Report All the Binary Code Executing on Your Network with Sysmon Event IDs

September 28, 2017
Computers do what they are told, whether good or bad. One of the best ways to detect intrusions is to recognize when computers are following bad instructions – whether in binary form or in some higher level scripting language.

Can general purpose tools work for IT security?

September 27, 2017
This post got me thinking about a recent conversation I had with the CISO of a financial company. He commented on how quickly his team was able to instantiate a big data project with open source tools.

Malware, Ransomware, and the Next Big Threat

September 21, 2017
Imagine the lost revenue for a major retailer if they needed to shut down all of their stores for a few days, or even a few hours, especially over the busy holiday season. The impact would be devastating.

Equifax’s enduring lesson — perfect protection is not practical

September 11, 2017
Equifax, one of the big-three US credit bureaus, disclosed a major data breach. It affects 143 million individuals — mostly Americans, although data belonging to citizens of other countries, for the most part Canada and the United Kingdom, were also hit.

Three critical advantages of EventTracker Essentials

September 07, 2017
By now it’s accepted that SIEM is a foundational technology for both securing a network from threats as well as demonstrating regulatory compliance. However, SIEM is not fit-and-forget technology, nor is it technically simple to implement and operate.

Three paradoxes disrupting IT Security

August 31, 2017
2017 has been a banner year for IT Security. The massive publicity of attacks like WannaCry has focused public attention like never before on a hitherto obscure field. Non-technical people, including board members, nod gravely when listening as the CISO.

Think you are too small to be hacked?

August 29, 2017
Why has ransomware exploded on to the scene in 2017? Because it works.

How do you determine IT security risk?

August 14, 2017
How much security is enough? That’s a hard question to answer. You could spend $1 or $1M on security and still ask the same question. It’s a trick question; there is no correct answer.

Protect Your Back-to-School Sales From POS Ransomware

August 08, 2017
Security experts believe that cybercriminals will be shifting tactics due to declining revenues from stolen credit card sales. We discuss the rationale for the rise of ransomware – and what you need to do to get ready for a potential and ongoing surge of attacks. We believe there’s not a minute to lose with back-to-school season underway, so let’s get started.

Ransomware's Next Move

July 27, 2017
While IT security teams identify, hunt, and remove specific variants of the ransomware, there may already be unknown mutated varieties lurking dormant and ready to execute.

Protecting Against Ransomware Attacks: What Every Business Needs to Know

July 11, 2017
Ransomware attack frequency is at its height as there have been more than 4,000 ransomware attacks happening each day for over a year now. Follow these tips to help avoid a ransomware breach at your business.

Yet Another Ransomware That Can be Immediately Detected with Process Tracking on Workstations

June 29, 2017
As I write this, yet another ransomware attack is underway. This time it’s called Petya, and it again uses SMB to spread. But here’s the thing — it uses an EXE to get its work done.

Petya Ransomware – What it is and what to do

June 28, 2017
A new ransomware variant known as Petya is sweeping across the globe. It is currently having an impact on a wide range of industries and organizations, including critical infrastructure such as energy, banking, and transportation systems.

The Top Five Cyber Threats Hotel Brands and Franchisees Need to Know About

June 19, 2017
While automation facilitates hotel operations and often makes a better stay for guests, it also opens hotels to digital threats perpetrated by malicious actors. Consequently, hotel operators should be aware of the types of cyber attacks, which can significantly hurt their brand reputation and bottom line, not to mention the safety and welfare of employees and guests.

Perfect protection is not practical

June 05, 2017
With distressing regularity, new breaches continue to make headlines. The biggest companies, the largest institutions both private and government are affected. Every sector is in the news.

Three myths about Ransomware

May 31, 2017
No industry is immune to these attacks, which if successful are a blot on financial statements of the targeted companies. Despite their success, ransomware attacks are not sophisticated, exploit traditional infection vectors and are not stealthy.

Tips for Protecting Information While on the Go: What Summer Travelers Need to Know About Security

May 16, 2017
As the summer travel season quickly approaches, most people envision exchanging work clothes and school books for shorts, flip flops, and beach umbrellas as they look forward to that well-deserved vacation. Unfortunately, hackers have their own plans this summer...

Protect Your Business from Ransomware

May 15, 2017
As the second iteration of the WannaCry ransomware impacting IT infrastructure around the globe is expected, we want to arm our customers with information to be best prepared.

Challenges with Threat Intelligence or why a Honeynet is a good idea

May 09, 2017
Shared threat intelligence is an attractive concept. The good guys share experiences about what the bad guys are doing thereby blunting attacks. This includes public-private partnerships like InfraGard, a partnership between the FBI and the private sector dedicated to sharing information and intelligence to prevent hostile acts against the U.S.

Tips for Choosing the Right POS Provider: What a small business owner needs to know

May 02, 2017
As a new business owner, there is so much to be proud of and so much to do. Your idea turned into a plan that has been put to action, so now what? At the forefront, there is one question you need to answer from the start.

When a SIEM is Like an Exercise Machine Stuck Behind the Junk in Your Garage

April 27, 2017
I’m a big believer in security analytics and detective controls in general. At least sometimes, bad guys are going to evade your preventive controls, and you need the critical defense-in-depth layers that detective controls provide through monitoring logs and all the other information a modern SIEM consumes.

5 Security Tips for Small and Multi-location Tax and Accounting Firms: Tax Season and Beyond

April 12, 2017
Tax season is a busy time of year for hackers, given the ample opportunities to steal personal and financial information through phishing, hacking into computer networks, or other underhanded methods. Here are five tips that go beyond the basics you probably already know, like watching out for phishing and malware, keeping your anti-virus software up-to-date and using different hard-to-guess passwords for different services.

Essential soft skills for cybersecurity success

April 12, 2017
IT workers in general, but more so IT Security professionals, pride themselves on their technical skills. Keeping abreast of the latest threats and the newest tactics to demonstrate to management and peers that one is “worthy.”

Who suffers more - cybercrime victims or cybersecurity professionals?

March 30, 2017
So you got hit by a data breach, an all too common occurrence in today’s security environment. Who gets hit? Odds are you will say the customer. After all it’s their Personally Identifiable Information (PII) that was lost.

Top three high risk behaviors that compromise IT Security

March 30, 2017
The insider threat is typically much more infrequent than external attacks, but it usually poses a much higher severity of risk for organizations when it does happen. While it can be perpetrated by malicious actors, it is more commonly the result of negligence.

The Top Five Threats That Restaurant Franchisees Need to Know About

March 29, 2017
Restaurants with multiple locations are taxed with increased pressure to succeed in different geographic locations, with potentially different demographics. This means implementing popular technology to serve that area—sometimes quickly—to keep the business afloat. The faster their success, customer enjoyment, and diner loyalty accelerate, the more likely these locations are to become and remain go-to dining spots. However, in the rapid shuffle of getting these technologies set up, security is often forgotten.

Ransomware is only getting started

February 28, 2017
Ransomware is about denying you access to your data via encryption. But that denial has to be of a great enough magnitude to create sufficient motivation for the victim to pay.

Foster a Healthy Security Posture

February 27, 2017
Securing medical records is a complex undertaking. Healthcare organizations need an array of security technologies that can be used to prevent malicious attacks and keep personal healthcare information safe, while retaining the day-to-day ease-of-use.

EventTracker Enterprise and the Cyber Kill Chain

January 26, 2017
Defense strategies that focus exclusively on the perimeter and on prevention do not take into account the kill chain life cycle approach; this is a reason why attackers are continuing to be so successful.

Your Voice for SMB Compliance Pains

January 13, 2017
We believe that every business should have the means to protect itself and its customers from cyberattacks, and the PCI Security Standards Council (PCI SSC) shares this belief. We’re working together to make compliance management more efficient, and therefore, strengthen the security of all merchants.