By allowing companies to store data and applications in the cloud and access them from anywhere in the world, cloud computing has completely changed the way businesses work. This ease does, however, come with some security dangers because putting sensitive data in the cloud leaves it open to hacker attacks. Thus, it is crucial to […]
SIEM (Security Information and Event Management) solutions are critical for monitoring and detecting potential security threats within an organization’s network. However, the effectiveness of a SIEM solution depends on how well it is tuned. A poorly tuned SIEM solution can generate a large number of false positives, which can lead to alert fatigue and make […]
SOAR (Security Orchestration, Automation, and Response) is a framework that combines security operations, automation, and response to detect, analyze, and respond to security incidents. SOAR helps organizations streamline their security operations by automating repetitive tasks, reducing response times, and improving the overall efficiency of their security operations. Implementing SOAR within an organization can be a […]
“One of the main cyber-risks is to think they don’t exist. The other is to try to treat all potential risks. (Fix the basics, protect first what matters for your business and be ready to react properly to pertinent threats. Think data, but also business services integrity, awareness, customer experience, compliance, and reputation).” -Stephane Nappo (Quote of the week: Risk Management | Mars 17, 2018)
This article will focus mainly on important considerations when it comes to SIEM implementation. It also exposes some oversights during the run phase.
"Computer security can simply be protecting your equipment and files from disgruntled employees, spies, and anything that goes bump in the night, but there is much more. Computer security helps ensure that your computers, networks, and peripherals work as expected all the time and that your data is safe in the event of hard disk crash or a power failure resulting from an electrical storm. Computer security also makes sure no damage is done to your data and that no one is able to read it unless you want them to." -Bruce Schneier (Quote of the week: Computer Security | Feb 10, 2018)
Only a few minutes before the end of 2017, a heavy year on cybersecurity from huge breaches through ransomware spreading and new vulnerabilities disclosers, to new defense technologies loudly evolving all around. I feel however almost tactless when I look the other way around and try to depict all of this in the real-world projects […]
"The methods that will most effectively minimize the ability of intruders to compromise information security are comprehensive user training and education. Enacting policies and procedures simply won't suffice. Even with oversight the policies and procedures may not be effective: my access to Motorola, Nokia, ATT, Sun depended upon the willingness of people to bypass policies and procedures that were in place for years before I compromised them successfully." - Kevin Mitnick (Quote of the week : Security Education | Oct 23, 2017)
As a starting point, a good basic understanding of possible Treat Intelligence integrations is a must. This will allow us to imagine fitting basic setup and future evolutions as TI operations mature inside the organization. We can form our first TI integration strategy on simple…
"Information is a significant component of most organizations’ competitive strategy either by the direct collection, management, and interpretation of business information or the retention of information for day-to-day business processing. Some of the more obvious results of IS failures include reputational damage, placing the organization at a competitive disadvantage, and contractual noncompliance. These impacts should not be underestimated." - Institute of Internal Auditors (Quote of the week : Data Protection | Oct 7, 2017)