The Importance of Threat Modeling for Organizations
Introduction It’s a war out there and the top brass have assembled. Enemy forces are posing a crisis and the generals must strategize their next move based on their intel covering the opposition’s numbers, strengths and weaknesses, and known lines of attack. Most of us will identify with this all-too-familiar scene in war films. Inevitably, […]
Redefining Cybersecurity Insurance for the Evolving Digital Threat Landscape
The 2017 Russian-backed NotPetya attack (1) that affected numerous verticals in over 65 countries worldwide, crippling computers with a worm that prevented systems booting, is a benchmark case showing why cyber insurance is behind the times and needs to evolve. Attributed to the infamous Sandworm group, the attack crippled nearly 80% of cyber installations in […]
A Concerted Plan for AI Risk Mitigation
In 2017 with Christmas round the corner, when fans of OWN, Oprah Winfrey’s Television Network received an Instagram message from her asking them not to respond to a scam that promised to give away USD 5,000 to the first 1 million followers as it might compromise their personal information, it marked one of the earliest […]
The Evolving Role of CISOs and the Communication Challenges in Cybersecurity Leadership
Introduction In the 80s hit song Here Comes the Rain Again, Annie Lennox, one part of the then famous pop group Eurythmics, sings despairingly with her ex-lover-turned-band mate Dave Stewart: ‘Talk to me like lovers do!’. Melancholy aside, this line, representing the need for communicators to be on the same page, explains the need for […]
SIEM: Your Go-To Cybersecurity Solution of Choice
Introduction The digital world has made many things relatively easy to accomplish. The wide variety of apps and huge repositories of information available at one’s fingertips has made it a breeze for users in the corporate or consumer space to attain what they are looking for. Users are literally spoiled for choice by the plethora […]
The Looming Threat of Fatigue, Stress and Burnout in Cybersecurity
The March 2022 attack on communications app maker 3CX was not the first attempt by threat actors to monetize their scams. Perpetrated by the Labyrinth Chollima group based in North Korea, the attack – nicknamed Smooth Operator – has however been acknowledged as the first recorded instance of a breach that linked two separate supply […]
Managing the Risks of Generative AI and LLMs Through Technological Advances
The RSA Conference in San Francisco in April 2023 brought into sharp focus the increasing role of Artificial Intelligence (AI) in shaping the digital landscape, with particular emphasis on its implications for cybersecurity. Featuring perspectives on the benefits and risks of AI, the event included presentations from a wide range of experts from the administrative, […]
Identity Fabric Immunity – IAM Redefined
Introduction At the March 2023 Gartner Identity & Access Management Summit, which brought together the Who’s Who of the cyber security world to debate the evolving world of Identity Fabric Immunity, the script could well have read ‘In the beginning there was IAM’. In a series of eye-opening presentations, Gartner’s experts led the elite audience […]
Shadow AI – The New Insider Threat
The advent of Zero Trust spawned the mantra ‘Trust no one, verify everyone.’ After a spate of serious data breaches involving their employees, organizations began to admit that insider threats were no less a danger than threats from malicious external actors. Insider threats, however, could still be categorized based on their intention. There were intentional […]
Digital Supply Chains: Under Siege in the Cyber Realm
Introduction Though the evolution of cyber threats (1) dates back to 2013 when Iranian hackers breached the Bowman Avenue Dam in New York and seized control of the dam’s floodgates, the year 2021 is generally recognized as the benchmark year for cyber attacks on digital supply chains. The month of May 2021 witnessed a series […]
