Your organization needs dedicated space and infrastructure for conducting security operations. Introduction to Security Operations Centers (SOCs) Your SOC is where most of your organization’s security processes take place. Those processes require specialized equipment and expertise. Consolidating that footprint into a single place makes economic sense and drives security performance. That doesn’t mean every […]
Lumifi expands the utility provider’s ability to secure its OT infrastructure and mitigate cyberattack risks The History: The Fayetteville Public Works Commission (FAYPWC) provides municipal water, power, and sewer services to over 120,000 people in North Carolina. As the public utility sector faces increasing cyberattack threats, FAYPWC needed to establish a robust, multi-layered security posture […]
Microsoft 365 is immensely popular across all industry verticals in the small-to-medium-sized business (SMB) space. It is often the killer app for a business and contains valuable, critical information about the business. Accordingly, Microsoft 365 resiliency and defense are top concerns on IT leader’s minds.
Tax season is a busy time of year for hackers, given the ample opportunities to steal personal and financial information through phishing, hacking into computer networks, or other underhanded methods. Here are five tips that go beyond the basics you probably already know, like watching out for phishing and malware, keeping your anti-virus software up-to-date and using different hard-to-guess passwords for different services.
While the threats have changed over the past decade, the way systems and networks are managed have not. We continue with the same operations and support paradigm, despite the fact that internal systems are compromised regularly.
For cyber criminals, everyone’s a target. We must assume that, at some point, every organization’s IT infrastructure will be breached. That’s why we need to continuously monitor, investigate, and respond to cyber threats 24/365 if we are to avoid costly breaches.
A common dedication to providing excellent client services, a driving need to enhance cybersecurity capabilities and an outstanding cyber monetization opportunity generated tremendous energy and focus among attendees at the recently concluded first annual MSSP Live event.
There are five different ways you can log on in Windows called “logon types.” The Windows Security Log lists the logon type in event ID 4624 whenever you log on.
Understanding the costs behind setting up and running a Security Operations Center is important to making informed decisions about how much protection you can afford and how you will go about acquiring it. The simple answer to the question “How much does a SOC cost?” is that it depends on many variables. In this article we will break down those variables and provide typical costs that you can use to inform your decision making about how to best protect your organization.
More Work-from-Home (WFH) scenarios due to COVID-19 present challenges as employees move from a trusted and secured office network to home networks with a variety of technology and cybersecurity rigor. Here are some tips to stay safe as you and your employees work remote.
Automation isn't always a replacement for human expertise. The two must work together to generate lasting security value. Security Operations Centers have struggled with workforce shortages for years. Experts were already alarmed at the growing cybersecurity talent gap back in 2017.
Imagine dealing with a silent, but mentally grating barrage of security alerts every day. The security analyst’s dilemma?
There are three cybersecurity “givens” that small-to-medium-sized businesses (SMBs) often face. One is you are not too small to be targeted by cyber criminals. Even big ransomware gangs are refocusing their efforts on mid-sized victims to avoid scrutiny. A second is that your attack surface is expanding – particularly with the move to cloud, Software-as-a-Service (SaaS) adoption, and Work-From-Home (WFH) – while threat actors continue to evolve new, more sophisticated approaches.
Faced with rising cybersecurity concerns, MSPs and mid-sized organizations are maturing their security posture beyond a network operations center and help desk. But few have realized a centralized security operations center (SOC) with a formal charter and full-time staff.
The security of data and systems is one of the most important concerns in today' business world. If your data is at risk or compromised, it can cripple your operations along with the trust others have in your business.
Twelve days ago, F5 announced several security vulnerabilities that went primarily overshadowed by the Exchange/Hafnium situation. It's important to understand that some of these are critical, remote command execution-level vulnerabilities that require nothing more than an attacker to connect to an F5 BIG-IP device. For those devices, being positioned "in front of" web server clusters […]
As you may know, a zero-day vulnerability in Microsoft Exchange Server was published last week that is garnering a lot of attention. Microsoft has attributed this to a known threat actor that has now compromised thousands or even tens of thousands of systems with these attacks, though it's important to understand that other attackers are […]
(Updated April 2022) The success of your managed detection and response deployment hinges on asking the right questions. Managed detection and response is a valuable element of your enterprise' security posture. With the right technologies in the hands of competent, highly trained analysts, you can significantly reduce security risks while paying a fraction of what […]
Learn about the MITRE ATT&CK® Framework and how cybersecurity teams leverage its matrix of tactics and techniques to assess risk and vulnerabilities within an organization. Definition The MITRE ATT&CK Framework is a knowledge base of tactics and techniques that can be used as a foundation for classifying adversary behaviors and assessing an organization’s vulnerabilities. Created in 2013 by the […]
Organizations of all sizes rely on managed security service providers (MSSPs) to deliver managed detection and response (MDR) and additional cybersecurity services at scale. Understanding the various service options can save your organization money and resources. The difference in technology and its usage is the primary differentiating factor between MDR providers. While some rely on […]
Dealing with credential harvesters has its perks. Day in and day out I get to personally observe how sophisticated a phishing website can be. Some websites are so elaborate that only a trained analyst can identify them, while others are so obvious no one in their right mind would fall for it. Either way, if […]
If you're an accountant or tax professional, you know that tax season is also scam season and that you're a prime target. Cybercriminals are using new, sophisticated scams that can compromise your website or infiltrate your systems with remote desktop software. These join the more traditional email-based attacks that trick you into installing malware that […]
One of the greatest risks for a SIEM or SOAR platform is missing that one event that helps with accurate detection. In general, misses can occur for several reasons, although in our experience, misses mostly stem from incorrect/empty PowerShell logs or merely a lack of logging required for advanced detection.
In-House vs. Outsourced SIEM Management: Discover the True Cost of IT Security (Updated November 2022) Your SIEM management needs will grow over time. Can your information security team follow suit? Security information event management is one of the pillars of effective information security. Capturing and investigating event logs lets security operators detect and respond to […]