Authors: GRIMM CEO Jennifer Tisdale and Senior Principal Researcher Matt Carpenter Cyber adversaries are becoming more skilled — and more ruthless. Cybersecurity Ventures projects global cybercrime costs to grow by 15 percent per year over the next five years, reaching $10.5 trillion annually by 2025. Given the scope and scale of what’s at stake, companies […]
Contributor: Skip Duckwall A penetration test doesn’t stop at simply uncovering vulnerabilities: it goes the next step to actively exploit those vulnerabilities to prove (or disprove) real-world attack vectors against an organization’s IT assets, data, and users. Below, we’ll discuss questions to ask (and what answers to look for) when evaluating a pen testing company.
The world is rapidly changing, and with it, so is how we approach and protect ourselves from cybersecurity threats. With the increasing sophistication of threat actors, and the ever-growing number of connected devices, the need for advanced security measures is more significant than ever. As you optimize your cybersecurity resilience priorities for the year ahead,
There are plenty of articles detailing the uses of patience, creativity, and above all, learning from your failures. Those are all requirements for excelling in any technical field. Instead of rehashing that baseline, let’s take a look at how a threat actor might stage attacks to create the most extensive damage, regardless of the target.
November is Critical Infrastructure Security & Resilience Month, a nationwide effort to raise awareness and reaffirm the commitment to keep our nation’s critical infrastructure secure and resilient. This year’s theme is Infrastructure Security is National Security: Together We Can Drive Down Risk, Build Resilience, which covers the spectrum of infrastructure security. So, why should you
By: Jennifer Tisdale Public-Private Partnerships (P3) are often thought of in terms of large-scale, long-term relationships between a government agency and a private business, in which the private business provides a service or an asset to the government while also carrying the burden of financial risk. This commonly occurs in terms of real estate when
What is “ransomware”? This came up a couple of times for me this morning, so I thought there might be folks who would benefit from an answer. Specifically, an answer unrelated to selling a ransomware product or service. The term “ransomware” describes the tools, tactics, techniques, and procedures (TTPs) utilized maliciously to either cryptologically prevent
By: Naki Carter It is undeniable that organizations, government agencies, and critical infrastructure providers face evolving cyber threats with increased volume and complexity. Securing your organization’s information and assets requires the right amount of effort focused on appropriate areas. Cyber-Physical Systems Security According to the National Institute for Standards and Technology (NIST), “Cyber-Physical Systems (CPS)