Author Archives: Doug Bonderud

CIRCIA feedback update: Critical infrastructure providers weigh in on NPRM

Posted on by

In 2022, the Cyber Incident for Reporting Critical Infrastructure Act (CIRCIA) went into effect. According to Secretary of Homeland Security Alejandro N. Mayorkas, “CIRCIA enhances our ability to spot trends, render assistance to victims of cyber incidents and quickly share information with other potential victims, driving cyber risk reduction across all critical infrastructure sectors.” While […]

The post CIRCIA feedback update: Critical infrastructure providers weigh in on NPRM appeared first on Security Intelligence.

Continue reading CIRCIA feedback update: Critical infrastructure providers weigh in on NPRM

Cost of a data breach 2024: Financial industry

Posted on by

According to the IBM Cost of a Data Breach 2024 report, the average global breach cost has reached $4.88 million — a significant increase over last year’s $4.45 million and the biggest jump since the pandemic. For financial industry enterprises, costs are even higher. Companies now spend $6.08 million dealing with data breaches, which is […]

The post Cost of a data breach 2024: Financial industry appeared first on Security Intelligence.

Continue reading Cost of a data breach 2024: Financial industry

 It all adds up: Pretexting in executive compromise

Posted on by

Executives hold the keys to the corporate kingdom. If attackers can gain the trust of executives using layered social engineering techniques, they may be able to access sensitive corporate information such as intellectual property, financial data or administrative control logins and passwords. While phishing remains the primary pathway to executive compromise, increasing C-suite awareness of […]

The post  It all adds up: Pretexting in executive compromise appeared first on Security Intelligence.

Continue reading  It all adds up: Pretexting in executive compromise

Unpacking the NIST cybersecurity framework 2.0

Posted on by

The NIST cybersecurity framework (CSF) helps organizations improve risk management using common language that focuses on business drivers to enhance cybersecurity. NIST CSF 1.0 was released in February 2014, and version 1.1 in April 2018. In February 2024, NIST released its newest CSF iteration: 2.0. The journey to CSF 2.0 began with a request for […]

The post Unpacking the NIST cybersecurity framework 2.0 appeared first on Security Intelligence.

Continue reading Unpacking the NIST cybersecurity framework 2.0

Spend to save: The CFO’s guide to cybersecurity investment

Posted on by

Attack volumes are up, and attackers are finding new ways to compromise corporate security. According to the HackerOne 6th Annual Hacker-Powered Security Report, ethical hackers found 65,000 vulnerabilities in 2022. What’s more, 92% of hackers said they could pinpoint weaknesses that scanning tools missed, making reliance on detection technology alone a dangerous prospect. At the […]

The post Spend to save: The CFO’s guide to cybersecurity investment appeared first on Security Intelligence.

Continue reading Spend to save: The CFO’s guide to cybersecurity investment

CSC report: Space systems should be critical infrastructure

Posted on by

In 2013, Presidential Policy Directive (PPD) 21 established 16 critical infrastructure sectors responsible for providing essential services that underpin American society. These services are not only vital to the country’s safety and prosperity but are inherently tied to public confidence. As a result, the PPD makes it clear that “proactive and coordinated efforts are necessary […]

The post CSC report: Space systems should be critical infrastructure appeared first on Security Intelligence.

Continue reading CSC report: Space systems should be critical infrastructure

SIEM and SOAR in 2023: Key trends and new changes

Posted on by

Security information and event management (SIEM) systems remain a key component of security operations centers (SOCs). Security orchestration, automation, and response (SOAR) frameworks, meanwhile, have emerged to fill the gap in these capabilities left by many SIEM systems. But as many companies have begun reaching the limits of SIEM and SOAR systems over the last […]

The post SIEM and SOAR in 2023: Key trends and new changes appeared first on Security Intelligence.

Continue reading SIEM and SOAR in 2023: Key trends and new changes

As Data Gravity Goes Up, are Clouds Becoming Black Holes?

Posted on by

The more data in one place, the more data it attracts. This “data gravity” is a familiar function for enterprises, even if the term isn’t. As the number of applications hosted on local servers increases, so too does the amount of data necessary for them to operate. Add more data and more applications are required […]

The post As Data Gravity Goes Up, are Clouds Becoming Black Holes? appeared first on Security Intelligence.

Continue reading As Data Gravity Goes Up, are Clouds Becoming Black Holes?

Going Up! How to Handle Rising Cybersecurity Costs

Posted on by

The average cost of cybersecurity systems, solutions and staff is increasing. As noted by research firm Gartner, companies will spend 11% more in 2023 than they did in 2022 to effectively handle security and risk management. This puts companies in a challenging position: If spending stays the same, IT environments are at risk. If they […]

The post Going Up! How to Handle Rising Cybersecurity Costs appeared first on Security Intelligence.

Continue reading Going Up! How to Handle Rising Cybersecurity Costs

And Stay Out! Blocking Backdoor Break-Ins

Posted on by

Backdoor access was the most common threat vector in 2022. According to the 2023 IBM Security X-Force Threat Intelligence Index, 21% of incidents saw the use of backdoors, outpacing perennial compromise favorite ransomware, which came in at just 17%. The good news? In 67% of backdoor attacks, defenders were able to disrupt attacker efforts and […]

The post And Stay Out! Blocking Backdoor Break-Ins appeared first on Security Intelligence.

Continue reading And Stay Out! Blocking Backdoor Break-Ins