Cybersecurity Rant Part Deux – The Threats Aren’t As Complex As We Make Them Out to Be

Last summer, after being inundated with false claims from fellow security vendors, I let loose in a “cybersecurity rant” blog. As we approach RSA, the FUD dial is being turned up again and instead of just throwing up my hands and yelling “GREAT SCOTT!” I thought it would be healthier to air my frustrations with… Read More

2017 Cyber Forecast: Threat Intel Will Play Major Role in Helping Organizations Manage Risk

There are a lot of cybersecurity trends to reflect on as we kick off the new year — the growth of ransomware and extortion, the emergence IoT-powered botnets, the evolving cybercriminal landscape — but I believe the biggest risk trend to watch in 2017 may revolve around how organizations react to dealing with those new… Read More

Cybersecurity Budgets: Does More Money Equal More Secure?

I’ve read report after report showing that security budgets were increasing, yet the number of breaches at companies of all sizes also continues to climb. This leads me to believe that somewhere there is a breakdown in how cybersecurity programs are being run — where allocating more spend and focus on cybersecurity oftentimes does NOT… Read More

Controlling What You Can Control: Using the Threat Triangle to Gain Focus

With cyber-attacks on the rise and organizations looking for more effective ways to fend off malicious actors, cyber threat intelligence has emerged as a buzzword in cybersecurity. Unfortunately, some of the information being marketed as cyber threat intelligence isn’t backed up by much actual intelligence; rather, it’s just another threat feed to be added to… Read More

Learning from Cybercriminals: Using Public Tools for Threat Intelligence

Effective cyber threat intelligence is largely about gaining proper context around the risks facing your organization. As SurfWatch Labs chief security strategist Adam Meyer recently wrote, there are three pillars when it comes to evaluating those cyber threats: capability, intent and opportunity. The first two, the capability and intent of threat actors, are mostly external aspects that you… Read More

Closing the C-Suite Knowledge Gap with Cyber Threat Intelligence

I spend my work days digging through SurfWatch Labs’ cybercrime data and writing blogs and reports on the latest cyber threat intelligence trends, so it should come as no surprise that among my friends and family, I’ve become the “cybersecurity guy.” In fact, many of those same people in my personal life would be happy to shove… Read More

Does Your Cyber Threat Intelligence Tell a Story?

I began at SurfWatch Labs several years ago with one primary directive: be a story teller. Cybercrime impacts everyone, I was told, yet many business owners, executives and employees know next to nothing about cybersecurity.  For the most part those people were either unaware, assumed their business would never be a targeted by hackers, or… Read More

Costs of Data Breaches Rising, But Its Not All Bad News

It should come as no surprise, but data breaches are costly for organizations. Each stolen record containing sensitive or confidential information costs an organization an average of $158, according to the 2016 Ponemon Cost of Data Breach Study released last month. That price more than doubles – to $355 – when looking at a highly… Read More

How Threat Intelligence is Used in the Real World – Customer Interview

I recently had the pleasure of sitting down with Larry Larsen, Director of Cyber Security at Apple Federal Credit Union, to learn about the cybersecurity challenges they face and how threat intelligence fits into their overall approach to risk mitigation. Larry explained that his primary objective is two-fold: to protect member information and assets, and to protect… Read More

Q&A: How can Threat Intel Help Your Organization? (Part 2)

Cyber threat intelligence offers an in-depth look at the potential threats and attack vectors facing an organization. Each organization is different, and in these differences there are a variety of ways cybercriminals can exploit a company. Security tools such as firewalls and antivirus software protect against several of these threats, but they cannot protect an… Read More