Ransomware Response — A Better Way

On March 15, 2020, during the height of the COVID-19 pandemic, hackers attacked the Department of Health and Human Services (HHS) servers. In the past, computers belonging to hospitals, doctor’s offices, and other medical providers have been a particular target for ransomware purveyors who lock computers or files and demand the immediate payment of ransom…

Details

Cloud Range Lauded for Importance, Innovation and Ease of Use

CISOs Laud Vendor for Importance to the Business, Innovation and Ease of Use Security Current, the premier CISO knowledge-sharing community, today announced that more than 20 CISOs from across industries selected next-generation virtual cyber range and security operations simulation provider Cloud Range as the winner of the Security Shark Tank® during RSA 2020. In the…

Details

Flashback: Read this article on assessing whether your business can survive a pandemic written in Dec 2014 by Farhaad Nero who was VP of Enterprise Security at Bank of Tokyo-Mitsubishi at that time

Take the Test: Today Ebola, Tomorrow Who Knows? Can Your Business Survive a Pandemic? Read this article on assessing whether your business can survive a pandemic written in Dec 2014 by Farhaad Nero who was VP of Enterprise Security at Bank of Tokyo-Mitsubishi at that time   Pandemics are epidemics occurring on a scale that crosses international…

Details

BEC and Call – Business E-Mail Compromise Leads to Liability

When William Darby went to work as a securities broker in October of 2018, little did he know that he was going to not only have a bad day, but ultimately a bad career. Darby’s firm fell victim to an increasingly common form of attack — a Business E-Mail Compromise, or BEC attack. An unknown hacker…

Details

NSA and FBI Take Different Paths for Cybersecurity

When NSA security researchers learned that the methods used by Microsoft Windows 10 machines to examine digitally signed code (like that used to install patches) had a vulnerability which would have allowed the Agency to slip in malware, they had to debate the best method of protecting the nation. On the one hand, they could…

Details

Cybersecurity Leadership – It isn’t just 1’s and 0’s

Cybersecurity professionals often come from very technical backgrounds.  It is imperative that these professionals understand all the areas of technology: operating systems, networking protocols, architecture, applications and databases.  At some point many of these professionals achieve leadership roles.  A cybersecurity leader must be able to rely on that technical acumen to enable the business goals…

Details

TrapX Wins the Security Shark Tank® New York City

CISOs Praise Deception Technology Vendor for Importance to the Business and Ease of Use Security Current, the premier CISO knowledge-sharing community, today announced that CISOs from across industries selected TrapX as the winner of the Security Shark Tank® New York City 2019. In the Security Shark Tank, providers come face-to-face with CISOs seeking innovative solutions…

Details

Fortanix Lauded for Innovation, Vision and Importance

CISOs Laud Fortanix for Innovation, Vision and Importance to the Business Chicago, Illinois – Security Current, the premier CISO knowledge-sharing community, today announced that CISOs from across industries selected Fortanix® Inc. as the winner of the Security Shark Tank® Chicago 2019. In the Security Shark Tank, providers come face-to-face with CISOs seeking innovative solutions for their…

Details

Update on Iowa

Yesterday, I wrote about two employees of CoalFire who were arrested for performing a physical pen test of various courthouses in Iowa. The article focused on the need to have a well-defined Statement of Work and contract. Well, guess what. The State of Iowa Judicial Branch released exactly these documents. And guess what? Page 12 of the…

Details