Category Archives: News

BrandPost: XDR: Contextualizing the Value of Cybersecurity

Read Time:24 Second

Extended Detection and Response, or XDR, is a hot topic in the cybersecurity world. Enterprises are adopting it for its ability to mitigate security-alert fatigue, modernize security efforts, and adapt to the evolving threat landscape. Here, we’ll look at how XDR can maximize the efficiency of existing cybersecurity products while reducing TCO. XDR can also help transform the perception of cybersecurity on the whole.

Asset vs. liability: Cybersecurity perceptions

To read this article in full, please click here

Read More

Microsoft expands managed security services offerings with new program

Read Time:38 Second

Microsoft announced Monday that it’s getting into the managed security services business. The company’s Microsoft Security Experts program includes three new managed services.

Microsoft Defender Experts for Hunting is for its customers who have robust security operations centers but would like Microsoft to hunt for threats in data from endpoints, Office 365, cloud applications, and identity sources. Microsoft’s experts will hand off any actionable alerts they discover to security operations center (SOC) personnel, along with remediation recommendations. Microsoft experts are also available on-demand to answer security questions about anything from incidents to action by nation-state actors to updates on the latest attack vectors. The projected launch window for the service is in the summer of 2022.

To read this article in full, please click here

Read More

What to look for in a vCISO as a service

Read Time:3 Minute, 4 Second

 “Approximately 64% of global CISOs were hired from another company” according to the 2021 MH Global CISO Research Report. The reasons are because of talent shortages, the role is still new to some companies, and companies have not created a succession plan to support internal promotions.

To overcome these challenges, companies can look to Virtual Chief Information Security Officer (vCISO) or a vCISO as a service provider. Companies should consider both the vCISO candidate and the additional “as a service” capabilities that the Provider brings to support the security program. This article covers what to look for when selecting a vCISO and vCISO as a service provider.

What to look for with the candidate

Businesses will want to align their CISO requirements with the skillset and background of the candidate vCISO. For example, the business may want a vCISO with security architecture experience when they are deploying a managed firewall service. Alternatively, if the business has a need to build a Security Operations Center (SOC) then a vCISO with SOC deployment experience might be preferred. While experience in a focused area is beneficial, a vCISO will have the following fundamental skills that align and preferably expand past the business security needs.

Provide executive-level advisory and presentations.
Create and track a risk register with identified cybersecurity gaps.
Ability to develop, implement, and manage cybersecurity roadmap.
Run tabletop exercises to identify business unit priorities and create alignment.
Respond to third-party due diligence requests.
Hardware and software assets as well as data identification and risk analysis.
Reporting on metrics and key performance indicators (KPIs).
Deliver and report on vulnerability and penetration testing.
Oversee reporting, steering, and committee meetings.
Review and update incident response plans.
Identification, mitigation, and remediation activities for security related events.
Policy and procedure development, updating and creation.
Budget and planning development.
Develop and run security awareness training.

What to look for in a vCISO as a service provider

vCISO as a service expands the vCISO from an individual contributor into a team that is engaged to lead a program or initiative. For example, instead of having a vCISO with SOC building experience, the entire team is brought in to create the program and build the SOC. Building a relationship with the Provider helps businesses quickly engage resources to support these larger types of initiatives. As the relationship grows, the business builds trust and expands into a valuable partnership. Below are items to consider when trying to find the right trusted partner.

Access to a team of experts for a specific topic or concern through collaboration and sharing between the provider’s internal vCISO committee.
Provide a diverse group of professionals that allow the customer to get a vCISO who can quickly engage within the customer’s timeline and budget.
Leverage the diverse experience gained by the provider because of their engagements in different industries and business sizes from small business to global enterprise.
Strategy frameworks and resources to build a security program and help create a succession plan.
Meet the customer timelines and budgets through different levels of retainers and engagement models.
Addressing security topics and strategy objectively while providing unbiased recommendations to security challenges.
Coverage area to support regional, national, and global footprints.

The vCISO role is a flexible model to help customers manage cost, enhance quality of their deliverables, and reduce the time it takes to deliver on security activities. Engagements can be for a specific project, to provide coverage while a permanent CISO is identified, or to take on the role full-time. These benefits strengthen the relationship between customers and service provider which in turn, create the trusted partnership that is needed for stronger security.

Read More

Zero-click attacks explained, and why they are so dangerous

Read Time:36 Second

Zero-click attack definition

Zero-click attacks, unlike most cyberattacks, don’t require any interaction from the users they target, such as clicking on a link, enabling macros, or launching an executable. They are sophisticated, often used in cyberespionage campaigns, and tend to leave very few traces behind—which makes them dangerous.

Once a device is compromised, an attacker can choose to install surveillance software, or they can choose to enact a much more destructive strategy by encrypting the files and holding them for ransom. Generally, a victim can’t tell when and how they’ve been infected through a zero-click attack, which means users can do little to protect themselves.

To read this article in full, please click here

Read More