Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s network, unbeknownst to the security team. The post highlighted why threat hunting should be a baseline activity in any environment.…

Read More

How to Prepare for and Respond to a Data Privacy Breach

Before I started covering cybersecurity, I thought the term ‘breach’ had a single meaning — that an attacker stole data from a computer system. I also thought all the different versions of the word meant the same thing. However, I’ve since learned the nuances and differences between a breach, a…

Read More

NIST Supply Chain Security Guidelines: 10 Key Takeaways

The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) recently published updated guidance for reducing cybersecurity risks in supply chains. Titled “Software Supply Chain Security Guidance,” the update is NIST’s response to directives issued by an executive order by President Joe Biden, designed to improve cybersecurity in…

Read More