Most people develop opinions and philosophies based on their experiences and observations. This process occurs over time, leading to perspectives that can make it difficult to adapt to changing risks. It's easy to get stuck in the mindset of “we’ve never had a problem before” and that can limit willingness and ability to accept new information. Having witnessed (and rescued) a wide variety of technology projects over the past fifteen years, we would argue that most organizations don’t … [Read more...]
What to expect when you’re not expecting (a security breach)
2015 was another difficult year for Cybersecurity practitioners and organizations working to defend themselves against an increasingly innovative, aggressive, and situationally aware set of adversaries. Large breaches made headlines, while many individuals and smaller organizations were victimized by well monetized crimeware[1] (especially ransomware[2]) and various email and other online account compromises. We see susceptibility to social engineering, unpatched (vulnerable) software, and a … [Read more...]