Welcome back to the blog for our final Cyber Security Awareness Month blog! Today we are focusing on the importance of patching and remediation. This key security step can prevent the majority of breaches and save organizations from an unfortunate, and costly, attack. A study by Ponemon shows that over 60% of breaches are due to unpatched, known vulnerabilities and many of the victims were unaware that their organizations were...
Read More
Welcome back to the last week of Cyber Security Awareness Month with Secure Sense! Today, we want to take a deeper dive into password management with partner Delinea to discuss Privileged Access Management, how PAM has evolved in the past few years, and the benefits of using PAM in your organization. In recent years the need for improved Identity and Access Management (IAM) has been growing. Businesses are enabling policies and technologies to...
Read More
The acceleration of digital transformation is paralleled by a rise in cyber risks. As the average breach cost also continues to rise – reaching $4.4 million this year, according to the latest IBM Cost of a Data Breach report, a 2.6% increase from last year, and a 13% leap since 2020 – the importance of optimizing cybersecurity to maximize the impact of invested resources is crucial. The US government's Cyber Defense Agency...
Read More
Throughout Cloudflare One week, we provided playbooks on how to replace your legacy appliances with Zero Trust services. Using our own products is part of our team’s culture, and we want to share our experiences when we implemented Zero Trust. Our journey was similar to many of our customers. Not only did we want better security solutions, but the tools we were using made our work more difficult than it needed...
Read More
As the name implies, Managed Detection and Response (MDR) is a cybersecurity service providing detection and response capabilities that minimize the impact of an incident. But what does that mean? We’ll dig into the topic and share questions you should ask your service provider. MDR is a combination of technology and services. The technology provides a range of protection, detection, and response capabilities. The Managed piece consists of technology and services: ...
Read More
Adversaries often exploit legacy protocols like Windows NTLM that unfortunately remain widely deployed despite known vulnerabilities. Previous CrowdStrike blog posts have covered critical vulnerabilities in NTLM that allow remote code execution and other NTLM attacks where attackers could exploit vulnerabilities to bypass MIC (Message Integrity Code) protection, session signing and EPA (Enhanced Protection for Authentication). The PetitPotam vulnerability, combined with AD-CS relay, is one of the recent severe NTLM relay variations the CrowdStrike Identity Protection research team have seen, which indicates its...
Read More
For organizations that have limited internal resources and security staff, their focus is primarily on attack prevention. The set of automated security validation rules needs to be simple to use and deploy. At a minimum, the security control validation must be automated and provide prescriptive mitigation roadmaps to optimize security control resiliency, as well as threat intelligence operationalization. For more mature organizations with greater security resources and infrastructure, the benefit of...
Read More
Why we need a new approach to endpoint management By: Michael Martins, VP Partnerships, Tanium Global organizations are spending more money than ever on cybersecurity. The latest estimate put this outlay at an average annual sum of $5.3 million, up 250% since 2019. Yet, at the same time, 85 percent of Canadian companies experienced at least one cyberattack in 2021. And some ransomware groups are making hundreds of millions by exploiting...
Read More
Written by: Brad Shewmake The cybersecurity landscape is rapidly changing as companies transition from the pandemic and assess their changing security needs. As a new Delinea report explains, businesses need to shift their focus from merely surviving to embracing new security strategies that enable them to thrive in today’s unpredictable world. Security leaders need to take an honest look at the security challenges they’re up against—and future-proof their solutions to protect against today’s sophisticated and evolving...
Read More
By Peter Newton | August 25, 2021 Zero-trust operates on the premise that there are constant threats both outside and inside the network. It also assumes that every attempt to access the network or an application is a threat. In other words, zero-trust is a network security philosophy that states no one inside or outside the network should be trusted until their identity has been thoroughly verified. These assumptions underlie the strategy of network administrators,...
Read More