Featured Blogs
The Executive Order – Improving the Nation’s Cyber Security
On May 12, the President signed the executive order (EO) on Improving the Nation’s Cybersecurity. As with every executive order, it establishes timelines for compliance and specific requirements of executive branch agencies to provide specific plans to meet the stated objectives. It is clear from the EO that the Executive ...
Why May 2021 Represents a New Chapter in the “Book of Cybersecurity Secrets”
May 2021 has been an extraordinary month in the cybersecurity world, with the DoD releasing its DoD Zero Trust Reference Architecture (DoDZTRA), the Colonial Pipeline being hit with a ransomware attack, and the White House releasing its Executive Order on Improving the Nation’s Cybersecurity (EO). Add to that several major ...
Happy Birthday GDPR!
Believe it or not, the baby turns 3 today! And like with every three-year-old, there is a lot to watch out for. Granted, when GDPR was born it was after a 2-year gestation (transition) period. What followed were many sleepless nights with the new baby when it was born on ...
Cyber Cyber, Burning Bright: Can XDR Frame Thy Fearful Asymmetry?
The security industry is engulfed in the most asymmetric cyberwarfare we have ever seen. The outcome of an Attacker’s mission may depend entirely upon a single misplaced charge on a single memory chip on a single server, perhaps the difference between a vulnerable and secure setting in a registry key, ...
Alert Actionability In Plain English From a Practitioner
In response to the latest MITRE Engenuity ATT&CK® Evaluation 3, McAfee noted five capabilities that are must-haves for Sec Ops and displayed in the evaluation. This blog will speak to the alert actionability capability which is essential. This critical ability to react in the fastest possible way, as early as possible on the attack chain, while correlating, aggregating and summarizing all subsequent activity while reducing alert fatigue to allow Sec Ops to uphold efficient actionability. As a Sec Ops practitioner and ...
Data Localisation – The Magic Bullet?
In the wake of the Schrems II decision[1], and even more in the light of Friday’s Facebook ruling[2], the question on everyone’s mind is how to truly protect personal data from the prying eyes of national security agencies around the world. Despite detailed guidelines[3] issued in November 2020, in the ...
Miles Wide & Feet Deep Visibility of Carbanak+FIN7
In our last blog about defense capabilities, we outlined the five efficacy objectives of Security Operations, that are most important for a Sec Ops; this blog will focus on Visibility. The MITRE Engenuity ATT&CK® Evaluation (Round3) focused on the emulation of Carbanak+FIN7 adversaries known for their prolific intrusions impacting financial ...
Mission Possible: Hunting Down and Stopping Stealthy Attackers with MVISION XDR
Imagine, if you will, a scene straight out of one of your favorite impossible mission movies. The background music is driving a suspenseful beat while the antagonist attempts to steal the latest technology from a very favored industry competitor called Rad-X Incorporated. It’s a trade secret that will change the ...
POPIA – July 1st Deadline Approaches For New South African Data Protection Act
Data protection acts are regularly coming into force around the world and on July 1st 2021 it is the turn of South Africa, as the POPIA (Protection of Personal Information Act) will be enforced from that date. I caught up with David Luyt, Privacy Counsel at Michalsons in Cape Town ...
What the MITRE Engenuity ATT&CK® Evaluations Means to SOC Teams
SOCwise Weighs In When the infamous Carbanak cyberattack rattled an East European bank three years ago this month few would have guessed it would later play a starring role in the MITRE Engenuity™ enterprise evaluations of cybersecurity products from ourselves and 28 other vendors. We recently shared the results of ...
