What is Credential Stuffing?

What is Credential Stuffing?

Credential stuffing has been in the news because it is a method of attempting to take over accounts of a company by using the databases of known breaches to ‘stuff’ thousands or millions of known credentials into an automated bot and attempting to see if they can get...
What is proactive incident response?

What is proactive incident response?

Incident response as a term is reactive, so it’s no wonder that a proactive approach to incident response is a foreign concept to many clients and resellers that we work with.  Let’s look at a few common scenarios to understand why proactive incident...
Modern Cyber Security – The Cart before the Horse Syndrome

Modern Cyber Security – The Cart before the Horse Syndrome

Ah the rise of the cybersecurity industry. So many tools, so many ‘silver bullets’. Don’t get me wrong this is not necessarily a bad thing. There are gaps and problems and tools are built to solve these problems and address these gaps. The issue is when a security...
Poorly Written Ransomware Still Infects Unpatched Systems

Poorly Written Ransomware Still Infects Unpatched Systems

WannaCry malware hit the news in 2017 when reports of the damaging attack spread through more than 150 countries.  The National Health Service in the UK, and FedEx where two of the worst hit organizations, but countless others, including small business, schools, and...
Why you should frustrate your pen testers

Why you should frustrate your pen testers

The third or fourth step in any breach (depending on who you talk to) is that an attacker must ‘gain authority’. Think of it like a bank; if the criminal breaks into the vestibule they have little or nothing to steal, they have to get from the vestibule to the main...
How Expensive is Effective Cybersecurity?

How Expensive is Effective Cybersecurity?

There is almost no limit to how much you could spend on cybersecurity solutions, and with Gartner estimating global spend on security is equal to about 1.5% of worldwide revenue – does that mean that effective cybersecurity has to be expensive?  And what is...