Something to Read When You Are On Call and Everyone Else is at the Office Party
Its mid-December, if you’re on-call or working to defend networks, this newsletter is for you. Martin discusses the widening gap between threat and defences as well as the growing problem of home devices being recruited to act as proxy servers for criminals.
A refresher on Talos’ open-source tools and the importance of the open-source community
Open-source software that is free to download, deploy and modify is a vital component in the fight for cyber security. Freely available software not only helps defend systems that would otherwise be unprotected, but it also allows people to learn and develop vital cybersecurity s
Implementing an ISO-compliant threat intelligence program
The guidance within ISO 27001 identifies which security controls are appropriate, while ISO 27002 describes the controls in detail and how they can be implemented.
Video: How Talos’ open-source tools can assist anyone looking to improve their security resilience
A rundown of Talos open-source software tools, which anyone in the security community can download for free, and use for research, skills, training, or integration into existing security infrastructure.
On the Radar: Is 2022 the year encryption is doomed?
Senior managers responsible for information security should take stock of the encryption algorithms in use within their systems and plan their move to quantum-secure algorithms.
The features all Incident Response Plans need to have
Having a policy that defines how an organization can respond to cybersecurity incidents, and a plan on how to deal with those incidents can play a major role in resolving them with minimal cost and downtime.
Threat Advisory: HAFNIUM and Microsoft Exchange zero-day
Microsoft released patches for four vulnerabilities in Exchange Server on March 2, disclosing that these vulnerabilities were being exploited by a previously unknown threat actor, referred to as HAFNIUM. The vulnerabilities in question — CVE-2021-26855, CVE-2021-26857, CVE-2021-
CISO Advisory: Security Architecture
This is the second paper within the series of CISO Advisories, in this case addressing Security Architecture which articulates risks and ensures security standards are met within an organization. Download the paper here. Access the series introduction and index here.
CISO Advisory: Governance & Risk Management
In the first in a series of CISO Advisories this paper address Governance & Risk Management as a fundamental part of any cyber security strategy. Download the paper here. Access the series introduction and index here.