NEWS & INDUSTRY UPDATES

Threat intelligence vendor Recorded Future is reporting a wave of targeted attacks against power plants, electricity distribution centers and seaports in India.
NEWS ANALYSIS: Armorblox raises $30 million and joins a growing list of well-heeled startups taking a stab at addressing one of cybersecurity’s most difficult problems: keeping malicious hackers out of corporate mailboxes.
Venture capital giant Sequoia Capital said the recently disclosed cybersecurity incident was apparently part of a BEC attack.
The social platform associated the accounts with state-sponsored actors operating out of Armenia, Iran, and Russia.
Leading technology companies said Tuesday that cyber operations linked to the massive SolarWinds hack were so sophisticated, focused and labor-intensive that a nation had to be behind them, with all the evidence pointing to Russia.
Transport for NSW and NSW Health said some information was taken during the cyber-attack.
A South Carolina county continues to rebuild its computer network after what it called a sophisticated hacking attempt.
Carmakers Kia and Hyundai denied that the outages they suffered in the past week in the United States were the result of a ransomware attack.
Microsoft says the SolarWinds hackers attempted to access its systems even after they were discovered and they were apparently searching for secrets in source code.
French President Emmanuel Macron has unveiled a plan to better arm public facilities and private companies against cybercriminals following ransomware attacks at two hospitals this month and an upsurge of similar cyber assaults in France.

FEATURES, INSIGHTS // Incident Response

Marc Solomon: The center of gravity of the Security Operations Center (SOC) used to be the SIEM, but this is shifting as the mission of the SOC shifts to become a detection and response organization.
Marc Solomon: The pandemic has resulted in security team members and teams working better together, as well as more closely with other departments and with industry sharing groups.
AJ Nash: For companies trying to build new or mature existing intelligence programs, the Age of COVID has been an excellent time to capture 30-60 minutes with that hard-to-find manager
Marc Solomon: To push security operations forward, we must move towards a single, collaborative environment that can include threat hunters, incident handlers and threat intelligence and SOC analysts.
AJ Nash: As you build your cyber intelligence program – and have all the vendors lined up to take your money – don’t overlook the importance of investing in the right people.
Marc Solomon: Curated threat intelligence is an essential capability of the SOC, enabling tools and teams to work more efficiently and effectively to optimize everything from incident response to threat hunting.
AJ Nash: Knowing that threat intelligence is readily available and proving its worth is one thing, understanding how to use it within your security operations program is quite another.
Marc Solomon: When intelligence becomes a capability and not just subscriptions to feeds, we can gain the full value of intelligence as the foundation to security operations.
Idan Aharoni: As organizations’ visibility is limited to what their threat intelligence vendors cover, by definition they will never have full visibility.
Marc Solomon: To gather the data and intelligence you need to fully detect and respond to threats, you need the ability to scale up and down the pyramid.