Originally appearing in Cyber Defense Magazine On February 7, 2024, the US Government Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory titled “PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure[1]”. The advisory goes on to describe the Chinese malicious software named “Volt Typhoon” and states “The U.S. authoring agencies [...]
Introduction The SEC is getting serious about cybersecurity with proposed rulings that increases expectations on cybersecurity compliance and reporting. In combination with the SEC’s recent issuance of a “Wells Notice” to the executives at Solar Winds for that company’s response to its 2021 cybersecurity breach, personal liability for executives is also raising the stakes. As [...]
Introduction to Pre-mortem Analysis Pre-mortem analysis is a proactive approach to risk management that can help organizations identify and mitigate potential failures before they occur. Unlike a traditional post-mortem analysis, which is conducted after a project has been completed, pre-mortem analysis takes place at the start of a project and involves envisioning a scenario in [...]
June 6, 1944 will forever go down in history as D-Day. That was the day the Allied forces sent B-17 planes to carpet bomb Normandy. These planes had a high mortality rate—they were shot out of the sky at a much higher frequency than the Allies had expected. As the B-17s landed in the English [...]
Originally Published on Forbes The last time you went to the doctor, did you pay attention to the process the doctor’s office used? You probably didn’t feel well, so you scheduled an appointment. When you arrived, the nurse called you in to get your vitals. Then, perhaps they sent you to the lab to draw [...]
Originally Published on Forbes Every day, we hear about new digital attacks wreaking havoc on individual companies (and, in some cases, even entire industries). Cyber criminals are increasingly sophisticated, and the impact a digital attack can have on an organization can be devastating. As a business leader, it falls to you to make sure your [...]
Today’s cybercriminals are increasingly sophisticated. Just downloading some antivirus software isn’t nearly enough protection against them. Instead, guarding your organization’s digital assets on a constant basis requires a strong digital defense team. But where do you start? How do you create a well-rounded, effective team? How can you create a team that will have the [...]
What you can’t see can hurt you. We identify the blind spots in your internal network
The unknown is a threat. Our external network testing highlights vulnerabilities that could be exploited from the internet
Web apps are the front door of your business. We make sure its locked down.
Compliance is about reducing uncertainty. We help you navigate complex regulatory environments (SOC 2, NIST, ISO, PCI) reducing the chance of costly breaches and regulatory penalties.
If you are building mobile apps, we help you check if they are vulnerable.
Your sensitive data may already have been leaked on dark web criminal networks. We discover that sensitive data and share with you a threat profile report on your business so that you can be better prepared.
