Are you headed to the RSA Conference in San Francisco? I'm excited to be attending for the first time in quite a few years. It’s the first time many of us — attendees, exhibitors, speakers, and staff alike — are participating in a large-scale conference in person in two years. We’re hoping to make it fun and engaging for everyone we see at the conference. To do that, we have some plans...
Five years ago, the WannaCry ransomware cryptoworm targeted computers running Microsoft Windows, encrypting data at organizations around the world. The attackers demanded a ransom of just $300 worth of bitcoins within three days or the files would be permanently deleted. The cryptoworm leveraged the EternalBlue exploit, which the National Security Agency developed to attack older Windows Systems.
The Okta breach is yet another indication of what we have been seeing for the past few years in the cybersecurity industry, particularly in the incident response practice, demonstrating the increased sophistication and capabilities of various attack groups.
Cyber resilience is the ability of an organization or entity to continue to deliver services or solutions even in the face of adverse cyber events, such as cyberattacks. Cyber resilience combines elements of information security, business continuity, and organizational resilience.
A cybersecurity incident response tabletop exercise (TTX) is an activity conducted as a discussion exercise. There can be multiple goals of a TTX, but a common goal is to review processes and procedures to identify gaps and dependencies in organizational response to an incident.
The biggest risk in cloud development is not recognizing the differences between cloud and traditional definitions of common architecture terms. For example, imagine a system that is completely “firewalled off”—a firewall prevents any inbound or outbound connections from the machine.
Regardless of the specific details of a breach, organizations must be prepared to respond when one occurs. The more organizations move applications and services to the cloud, the more it is important to plan for cloud incident response. These seven best practices will help you get started.
The cloud environment is the future for every industry. From finance to entertainment to healthcare, cloud computing helps businesses compete with increased flexibility, availability of information, and access. But just like on-premises, data center-based computing, moving to cloud environments and SaaS applications brings their own cybersecurity risks.
Because BigQuery stores so much sensitive data, it’s an extremely appealing target for threat actors, and our research showed ways to exfiltrate data. This information helps us better research critical incidents in environments that leverage BQ, so we can accelerate the IR process and help customers get back to business as usual.
