The Importance of Threat Modeling for Organizations

Introduction It’s a war out there and the top brass have assembled. Enemy forces are posing a crisis and the generals must strategize their next move based on their intel covering the opposition’s numbers, strengths and weaknesses, and known lines of attack.  Most of us will identify with this all-too-familiar scene in war films. Inevitably,…

read more

Redefining Cybersecurity Insurance for the Evolving Digital Threat Landscape

The 2017 Russian-backed NotPetya attack (1) that affected numerous verticals in over 65 countries worldwide, crippling computers with a worm that prevented systems booting, is a benchmark case showing why cyber insurance is behind the times and needs to evolve. Attributed to the infamous Sandworm group, the attack crippled nearly 80% of cyber installations in…

read more

A Concerted Plan for AI Risk Mitigation

In 2017 with Christmas round the corner, when fans of OWN, Oprah Winfrey’s Television Network received an Instagram message from her asking them not to respond to a scam that promised to give away USD 5,000 to the first 1 million followers as it might compromise their personal information, it marked one of the earliest…

read more

SIEM: Your Go-To Cybersecurity Solution of Choice

Introduction The digital world has made many things relatively easy to accomplish. The wide variety of apps and huge repositories of information available at one’s fingertips has made it a breeze for users in the corporate or consumer space to attain what they are looking for. Users are literally spoiled for choice by the plethora…

read more

The Looming Threat of Fatigue, Stress and Burnout in Cybersecurity

The March 2022 attack on communications app maker 3CX was not the first attempt by threat actors to monetize their scams. Perpetrated by the Labyrinth Chollima group based in North Korea, the attack – nicknamed Smooth Operator – has however been acknowledged as the first recorded instance of a breach that linked two separate supply…

read more

Managing the Risks of Generative AI and LLMs Through Technological Advances

The RSA Conference in San Francisco in April 2023 brought into sharp focus the increasing role of Artificial Intelligence (AI) in shaping the digital landscape, with particular emphasis on its implications for cybersecurity. Featuring perspectives on the benefits and risks of AI, the event included presentations from a wide range of experts from the administrative,…

read more

Identity Fabric Immunity – IAM Redefined

Introduction At the March 2023 Gartner Identity & Access Management Summit, which brought together the Who’s Who of the cyber security world to debate the evolving world of Identity Fabric Immunity, the script could well have read ‘In the beginning there was IAM’. In a series of eye-opening presentations, Gartner’s experts led the elite audience…

read more

Shadow AI – The New Insider Threat

The advent of Zero Trust spawned the mantra ‘Trust no one, verify everyone.’ After a spate of serious data breaches involving their employees, organizations began to admit that insider threats were no less a danger than threats from malicious external actors. Insider threats, however, could still be categorized based on their intention. There were intentional…

read more
supply chain image

Digital Supply Chains: Under Siege in the Cyber Realm

Introduction Though the evolution of cyber threats (1) dates back to 2013 when Iranian hackers breached the Bowman Avenue Dam in New York and seized control of the dam’s floodgates, the year 2021 is generally recognized as the benchmark year for cyber attacks on digital supply chains. The month of May 2021 witnessed a series…

read more