Ariel Parnes

Ariel Parnes

Co-Founder and Chief Operating Officer

Ariel is a retired Colonel of IDF’s 8200 Cyber Unit, where he served 20+ years in a wide range of roles in the areas of Intelligence, Information Technology, Offensive & Defensive Cyber Operations and Cyber Warfare. He was awarded the prestigious Israel Defense Prize for technological breakthroughs in the cyber field.

6 Keys to Resiliency in the Cloud: Advice for CISOs

Enterprise success relies on operational resilience. When you fall, you have to be able to get back up—and quickly. That ability to spring back after a setback requires more than nimbleness.

MOAB: A Wake-Up Call for Enhanced Cyber Preparedness

In a digital landscape fraught with uncertainty, the discovery of the "Mother of All Breaches" (MOAB) serves as an unsettling foreshadowing of other challenges that await. With a massive cache of 26 billion records, this digital beast has again brought cybersecurity to the forefront for enterprises and requires security professionals to wrestle with a new set of evolving circumstances.

Cyber Trends for 2024: What Security Leaders Should be Executing Next

As we hurtle into this new year, it’s already clear that there is an evolving set of cyber risks that organizations will need to contend with successfully to manage threats and grow their organizational resilience in 2024. Below, I’ll outline three of the biggest ones, sharing recommendations and execution checklists that can help enterprises enhance their threat readiness and elevate security postures as the threat landscape continues to evolve.

SEC Cyber Disclosure Rule FAQ: What Leaders are Asking Us

The U.S. Securities and Exchange Commission (SEC) recently implemented a new rule mandating stringent cybersecurity incident reporting and disclosure requirements for public companies.

Achieving Cloud Readiness Takes More than Tabletops

Accelerated digital transformation, coupled with the escalating cloud and SaaS threat landscape, have made cloud breach readiness a topic climbing up many CISOs’ lists of cyber priorities.

Cloud Detection vs Cloud Threat Hunting: What Cyber Leaders Need to Know

As cyber threats continue to evolve, enterprise security teams are under growing pressure to rapidly identify and mitigate cloud and SaaS-based attacks. Two concepts have emerged as cornerstones of a robust defense strategy: Cloud Detection and Cloud Hunting. However, a misunderstanding or underestimation of these concepts can leave organizations vulnerable to sophisticated attacks.

Shifting your Cyber Investment Strategy for Cloud

Cybersecurity has been with us for decades, yet it’s still a young and maturing industry—and not surprisingly. Every enterprise that cybersecurity supports is still moving along their own digital transformation journey. Some are in the early stages, lifting and shifting their on-prem workloads to the cloud. Others are well along the path, taking on new SaaS (Software as a Service) applications and developing their own cloud-native solutions to serve customers better, build efficiency into their operations, and transact with greater ease.

Why Incident Response Retainers Don’t Work for Cloud—and What Does

Incident response (IR) retainers have been a staple for security teams for years. You pay an upfront fee to an IR firm to be "on call" if an incident occurs. The basic idea is that IR experts are ready to parachute in when disaster strikes.

Deciphering Shadows: Insights and Observations from the MGM Breach

On September 12, 2023, the world woke up to the news ofanother significant cyber-attack, this time on MGM Resorts International, arenowned name in the hotel and casino industry. The incident affected theiroperations across various locations, including iconic Las Vegas.

A Mindset Shift for Cloud Security Resilience: Assume Breach

Cloud environments offer tremendous advantages in agility, scalability, and cost efficiency. However, their dynamic nature also introduces new security challenges compared to traditional on-premises IT. To build true resilience for the inevitability of breaches in the cloud, organizations need to shift their mindset and priorities—starting with accepting the assumption that breaches will occur.

Ready, Set, Respond: Ensuring Compliance with the SEC Reporting Regulations

The Securities and Exchange Commission (SEC) of the United States has adopted new regulations that require public companies to disclose material cybersecurity incidents within four days. To the positive, this initiative seeks to increase transparency and safeguard investors against potential cybersecurity risks.

Microsoft Storm-0558 SaaS Breach: Hunting for Stealth Espionage Attacks

In an ever-changing cyber landscape, the recent exploit by China-based threat actor, Storm-0558, highlights the need for constant vigilance. The threat actor exploited a compromised encryption key (MSA key) to target Microsoft Exchange Online, forge access tokens, manipulate the token verification process, and extract unclassified data from victim mailboxes.

Lessons Learned from WannaCry: Are We Ready for Another Global Attack?

Five years ago, the WannaCry ransomware cryptoworm targeted computers running Microsoft Windows, encrypting data at organizations around the world. The attackers demanded a ransom of just $300 worth of bitcoins within three days or the files would be permanently deleted. The cryptoworm leveraged the EternalBlue exploit, which the National Security Agency developed to attack older Windows Systems.

Cyber Resilience - Why & How to Start Building It In Your Organization

Cyber resilience is the ability of an organization or entity to continue to deliver services or solutions even in the face of adverse cyber events, such as cyberattacks. Cyber resilience combines elements of information security, business continuity, and organizational resilience.

Ready or Not: Russian Attack on Ukraine Brings Global Cybersecurity Impacts

The Russian military strategy is often described as a strategy of “active defense.” This means that their strategy includes both the preventative measures taken before a conflict breaks out and the tenets for conducting the war.

The ultimate cybercriminal gift list: undisclosed zero-day vulnerabilities

Over the last few months, everyone has been busy patching — seeking to close the loophole most learned about when the a patch was released for Log4j 2.15.0 for Java 8 users to address the remote code execution vulnerability CVE-2021-44228, a previously undisclosed zero-day vulnerability.

Rethinking zero-day vulnerabilities vs. one-days to increase readiness

Because zero-day vulnerabilities are announced before security researchers and software developers have a patch available, zero-day vulnerabilities pose a critical risk to organizations as criminals race to exploit them. Similarly, vulnerable systems are exposed until a patch is issued and applied.

Patches are not enough for VMWare vCenter Server and Cloud Foundation vulns

If you are using either vCenter Server or Cloud Foundation, you must declare an emergency and treat it like you have already been compromised. These critical vulnerability disclosures do not offer a quick and easy patch, and patching alone is not enough.

Crown Jewels Analysis — A Risk Of Bias

Organizations have widely adopted the Crown Jewels concept in their efforts to build cost-effective cybersecurity strategies and plans in the ever-growing world of risks and challenges. However, the Crown Jewels concept could undermine the chances of effectively detecting, reacting to and recovering from a cyber-attack. It is time for the adoption of new concepts and new methodologies.

Step 1: Phish Mitiga. Step 2: Get Your Phishing-as-a-Platform Dissected by Mitiga

One of Mitiga’s employees received an email phishing for credentials. Instead of just laughing it off, our team decided to use their lunch breaks to analyze it. What we found indicates a sophisticated phishing platform that uses AWS and Oracle infrastructure to phish Office 365 email accounts.

Learn how ransomware attacks have changed — and how incident response must, too

Ransomware keeps hitting the news these days, filling headlines with stories about organizations struggling with disabled IT systems, inaccessible patient data, unavailable Wi-Fi, and general confusion. Today, organizations are facing an evolving threat, modern ransomware, also called double extortion ransomware.