Supply Chain Security and NIS2: What You Need to Know
The Network Information Systems Directive (NIS2) and its predecessor NIS focus on risk management for organizations. The EU states that the NIS is the first piece of EU-wide legislation on cybersecurity with the goal of achieving a high common level of cybersecurity across the member states. The NIS2 will be quite impactful, especially as it […]
Third-Party Cybersecurity Risk Management: A Short Guide for 2024
Third-parties are an important part of your extended enterprise. They’re your vendors, your partners, and your suppliers. They provide some of your business’s most critical services: billing, data storage, or sales. Unfortunately, vendors and suppliers also come along with significant third party cybersecurity risk. Early in January, Gartner named third-party risk cyber management (TPCRM) a […]
NIS2 Compliance: Updated for 2024, Complete Guide
The Network Information Systems Directive (NIS) was published in 2016 and required EU critical infrastructure sectors to meet basic cybersecurity compliance requirements. In October 2024 the second iteration of the Network Information Systems Directive (NIS2) will be going into effect, which will both substantially expand the number of entities required to be compliant in addition […]
Threat Spotlight: New Frontier of AI Exploits
As machine learning (ML) and artificial intelligence (AI) become increasingly complex, they pose new possibilities for organizations and threat actors. Over the last fifteen years, neural networks and deep learning technologies have evolved at a rapid pace. Over the past four years, from the release of GPT1 through today’s GPT4, AI models have evolved from […]
STIX & TAXII Threat Intelligence: A Quick Guide
Among the various tools and frameworks available for cyber threat intelligence (CTI), STIX and TAXII stand out due to their robustness and interoperability. We present a quick guide to STIX (Structured Threat Information eXpression) and TAXII (Trusted Automated eXchange of Intelligence Information). These protocols facilitate systematic sharing, correlation, and management of cyber threat intelligence, and […]
Threat Spotlight: Data Extortion Ransomware: Key Trends in 2023
Ransomware Trends Overview As ransomware’s fundamental nature shifts from encryption to data exfiltration, organizations’ data backup and recovery practices no longer protect them from attacks. Over the course of the past few years, the cybercriminal landscape changed too. More and more criminal ransomware organizations are adopting “as-a-Service” business models on the dark web which open the […]
Cyber Threat Intelligence Frameworks: What You Need to Know
CTI represents a proactive and strategic approach to cybersecurity, providing organizations with the insights needed to identify and combat potential cyber threats. These CTI frameworks are evolving, adapting to the changing threat landscape and leveraging cutting-edge technologies to enhance their effectiveness. Understanding the Evolution of Cyber Threat Intelligence Frameworks The digital landscape is ever-evolving, with […]
Digital Brand Protection: Monitoring Your Brand Across the Clear & Dark Web
Whether it’s trademark infringement, counterfeit goods, data breaches, or damaging chatter in the dark corners of the internet, these threats can seriously undermine your brand’s integrity and bottom line. Vigilant and comprehensive digital brand protection strategies are an absolute necessity. Wherever it appears, your digital brand should remain secure, credible, and trustworthy. Understanding the Importance […]
Cyber Threat Analysis: A Quick Guide
The need for effective cyber threat analysis – a critical process that involves identifying, investigating, and evaluating potential threats to maintain the integrity of our digital environments, is integral to cybersecurity. For businesses harnessing the power of Software as a Service (SaaS) platforms, particularly those in the field of cyber threat intelligence, comprehending and implementing […]
Cyber Threat Exposure: Detection & Prevention Guide
At its core, cyber threat exposure management (CTEM) is the culmination of traditional vulnerability management, threat intelligence, and attack surface management. In the past, organizations focused on identifying and patching software vulnerabilities, often with a reactive approach. CTEM is focused on proactively identifying all types of high-risk exposure that could leave your organization at risk, […]