Category: Guides

  • Improve your network security by eliminating blind spots 

    Improve your network security by eliminating blind spots 

    Spaghetti and meatballs. Batman and Robin. Peanut butter and jelly. Notice a theme? Well, here are two other pairs that go together as clearly as these, but you might be less familiar with: cybersecurity and visibility, and threat actors, and vulnerabilities. Cybersecurity threats are at an all-time high as threat actors are ruthless and willing…

  • Utilizing SOC Infrastructure vs MDR – an MSSP perspective

    Utilizing SOC Infrastructure vs MDR – an MSSP perspective

    The constant headlines concerning the latest attacks on companies across the industry spectrum serve as constant reminders of the importance of cybersecurity. Digital transformation alone is not enough. You must secure that digital environment, and it’s something that even SMBs have come to realize all too well. Unfortunately, most SMBs lack the technology stack, talent,…

  • Dark Reading panel – The Next Generation SOC with CYREBRO CEO Nadav Arbel

    Dark Reading panel – The Next Generation SOC with CYREBRO CEO Nadav Arbel

    SOCs are taking the center stage as the defenders of the network but many organizations don’t fully understand how to leverage a SOC, leaving them in the dark about the real value they provide.   On March 24, CYREBRO’s CEO and founder Nadav Arbel sat together with Ryan Alban Sr. Manager of Global Solution Leads at…

  • CISO Series Podcast Featuring CYREBRO’s CTO, Ori Arbel – What’s Next in Security?

    CISO Series Podcast Featuring CYREBRO’s CTO, Ori Arbel – What’s Next in Security?

    In this episode of CISO Series, we CYREBRO’s CTO, Ori Arbel, discussing the latest cybersecurity trends with the show hosts, cybersecurity journalist, David Spark, and veteran CISO, Andy Ellis. From the start of COVID and the cloud migration rush that followed, to practical tips to help improve incident response planning, the group discusses how to…

  • Lapsus$ Breaches Okta to Reach Customers’ Sensitive Data

    Lapsus$ Breaches Okta to Reach Customers’ Sensitive Data

    Lapsus$ Breaches Okta to Reach Customers’ Sensitive Data Traced back to January of this year, Okta, a publicly traded identity and access management company announced yesterday that it has been impacted by a cyber-attack claimed by the data extortion group Lapsus$. Okta and Lapsus$ disagree regarding the success of the breach, while companies like Cloudflare…

  • Ransomware Myths SMBs Need to Be Familiar With

    Ransomware Myths SMBs Need to Be Familiar With

    Ransomware attacks are skyrocketing so quickly alarm bells should be going off at every company. No one is safe, and experts predict 2022 will be a devastating year for ransomware attacks. This should come as no surprise, as attackers these days don’t even need to write their own ransomware code. They can launch an attack…

  • Multitenancy – Why it’s crucial for MSSPs

    Multitenancy – Why it’s crucial for MSSPs

    Today, more SMBs are acknowledging that they are prime targets for hackers. As they know they lack the internal resources to hire an entire staff of cyber experts, they are turning to managed security service providers (MSSPs) for support.  That makes this an exciting and opportune time for MSSPs to grow but managing multiple clients…

  • Ransomware – It’s all about the Benjamins

    Ransomware – It’s all about the Benjamins

    It was Ott Biederman, an accountant for American organized crime back at the turn of the 19th century that originally issued the famous immortal line, “Nothing personal, its just business.” That is what ransomware is today – just business. While there are occasional ransomware attacks initiated by state-sponsored groups to bring down the operations of…

  • How Cyber Resiliency is Weakened by Organizational Struggles

    How Cyber Resiliency is Weakened by Organizational Struggles

    We all know cybercrime is a major threat to businesses, but how much are internal issues impeding your organization’s ability to defend itself? Cyber resiliency is defined as the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources, according…

  • The Evolution of Merging Cybersecurity into Operations

    The Evolution of Merging Cybersecurity into Operations

    How many times do you hear reference being made to the Chief Operating Officer of a company? Certainly, the CEO garners most of the attention as they are the figure head and recognized leader of the company. The CFO receives credit for the financial reporting of the company every earnings season and the CIO or…

  • The Cloud’s Effect on Evolving Security Roles

    The Cloud’s Effect on Evolving Security Roles

    Businesses have changed how they operate in countless ways during the coronavirus pandemic, including accelerating migration to cloud technologies. Before COVID, businesses had the luxury of managing the cloud transition at their own pace. But when the pandemic hit, ushering in a new era of remote work, many businesses moved to cloud-based technologies without necessarily…

  • Dangers in the Cloud – When Remote Work Migrations are Rushed

    Dangers in the Cloud – When Remote Work Migrations are Rushed

    For several years now the world has been steering enterprises to the cloud, and the trend is only growing. The cloud is marketed as a utopia that will free you of all the problems that plague you currently in your on-prem world. There are so many reasons to move to the cloud, such as the…

  • Cybersecurity and Data Protection Laws: US Healthcare Businesses

    Cybersecurity and Data Protection Laws: US Healthcare Businesses

    Ordinary American businesses are legally obligated to tell consumers when there has been a data breach but are not obligated to have cybersecurity protection in place. However, healthcare organizations are not ordinary businesses. Because they deal with protected health information (PHI), healthcare organizations are subject to special cybersecurity and data privacy rules pertaining only to…

  • Six months later: Key takeaways from the SolarWinds supply chain attack 

    Six months later: Key takeaways from the SolarWinds supply chain attack 

    Last year’s SolarWinds supply chain attack shook the security world. Hundreds of private businesses, many of them Fortune 500 companies, and several US agencies, including the Pentagon, Homeland Security, the Treasury, and the State Department, were all victims as they all use SolarWinds’ Orion system.   The scope of this attack and the fact that hackers…

  • Colonial Pipeline Ransomware Attack: Lessons For SOC Operators

    Colonial Pipeline Ransomware Attack: Lessons For SOC Operators

    Background Earlier this month, Colonial Pipeline — the largest pipeline system for refined oil production in the U.S. — suffered a ransomware attack that resulted in the closure of one of the largest U.S. pipelines. As a result of the attack, the pipeline operator was forced to temporarily halt all pipeline operations resulting in massive…

  • Two Emerging Vector Trends

    Two Emerging Vector Trends

    Life is never dull for cybersecurity teams, but we’ve seen an increase in two types of threat vectors during the first half of 2021. Reports of the recent Codecov Bash Uploaded security breach is an example of a supply chain attack, while common vulnerabilities and exposures (CVE) have shown up in increased frequency at Apple,…

  • Zerologon and How to Detect It Like A Pro

    Zerologon and How to Detect It Like A Pro

    You’ve probably already heard about the Zerologon vulnerability (aka CVE-2020-1472) but in case you haven’t, here is what it is in a nutshell; and more importantly here are our insights on how to detect it. Zerologon is a critical vulnerability scored CVSS10.0 by Microsoft, essentially allowing an adversary to exploit the Netlogon Remote Protocol (MS-NRPC) aimed at…

  • How Can a Cloud-Based SOC Help You Detect Internal Threats?

    How Can a Cloud-Based SOC Help You Detect Internal Threats?

    Businesses worldwide are continuously at risk from external threats which are looking for a way in, be it by phishing or vulnerabilities. Once they enter your infrastructure or software, they can then use it to pivot and move into sensitive data, stealing it, or destroying it to obtain a profit. Internal threats have increased rapidly…

  • 5 Types of Cybersecurity Your Organization Needs

    5 Types of Cybersecurity Your Organization Needs

    Businesses don’t often compare themselves to nations, but they have at least one important thing in common – the need to handle threats across multiple spheres or environments. Nations must be on constant alert to security threats from land, air, sea, space and – increasingly – cyberspace. Depending on the complexity of your cyber infrastructure,…

  • Proactive vs. Reactive Cybersecurity

    Proactive vs. Reactive Cybersecurity

    Many businesses already spend a great deal on cybersecurity but are still inadequately prepared, and the solution often lies in their general approach. Reactive and proactive cybersecurity follow different approaches and offer unique benefits, and these two approaches also require different processes and tools to maximize cybersecurity.   Which of these security approaches is more effective for your business?…

  • User Submission Processes: How To Do It Right

    User Submission Processes: How To Do It Right

    If given a choice between doing something that took a lot of time and effort for what you perceive as very little payoff or just skipping the task altogether, which would you choose? Although we’d all like to think we’d buckle down and do the work, the truth is that most people wouldn’t, particularly if…

  • Employee Insights: The Skills Needed To Analyze Phishing Campaigns

    Employee Insights: The Skills Needed To Analyze Phishing Campaigns

    Phishing Campaigns Are No Match For Analysts With These Skills   Phishing campaigns are all too common these days. A look back at 2020 showed that 75% of companies globally suffered from an attack. In the United States, 74% of attacks were successful, a 14% increase from 2019, proving bad actors are getting smarter and using…

  • Implement These 5 Strategies To Create a Cyber Smart Company

    Implement These 5 Strategies To Create a Cyber Smart Company

    Cyber security is a top concern for every company. As the CISO, leading the charge to keep your company secure from hackers and attacks falls squarely on your shoulders, but it’s certainly not a job you can do on your own. Security and the measures your company takes to remain as secure as possible are…

  • ICYMI: How to Harden Your Security Posture by Maximizing Your Existing Security Tools (Webinar)

    ICYMI: How to Harden Your Security Posture by Maximizing Your Existing Security Tools (Webinar)

    Security professionals need to be laser-focused on strengthening their security posture, but with huge attack surfaces and a multitude of ever-advancing threats, the challenge can sometimes seem insurmountable. However, by using the right tools coupled with a deep understanding of their most valuable business assets, security teams can create a winning strategy that protects their…

  • 5 Commonly Overlooked Signs of a Hack

    5 Commonly Overlooked Signs of a Hack

    There are security system rules configurations that can indicate these threats, so if you see any one of these, there is a good chance that your system has been compromised somewhere along the way. Someone else is reading your emails! (The Windows Outlook Hack) If you use Microsoft Outlook for your emails, your emails can…

Sign Up for Updates