Airspace Vulnerabilities in Healthcare

Wireless adoption is quickly emerging in every industry vertical that is using digitalization to simplify operations. The issue is that, from a security perspective, the move to wireless creates situations where a “trusted” internal network suddenly bridges to an external network and can be accessed wirelessly. What might have been an acceptable risk, where only a […]

Why Should You Care about Cyber Threat and Risk Assessment?

Cyber risks are evolving fast and organizations need to deal with them in more efficient ways. This requires an all-inclusive and agile approach to identifying threats and then eliminating or mitigating them. Orchestra Group’s Harmony IoT and Harmony Purple enable comprehensive cyber risk assessment and management for all sizes of enterprises. Harmony IoT provides outside-in […]

Risk Based Vulnerability Management

Cyber defense is moving to a risk management and operations paradigm (see previous posts on effective cyber risk management and policy based cyber risk management). One aspect of risk management as a cyber defense strategy is risk-based vulnerability management (RBVM). Risk-based vulnerability management is a proactive cyber defense strategy used to prioritize mitigation of cyber […]

SOAR vs. XIP – Reactive to Proactive Cyber Security Operations

The NIST Cybersecurity Framework identifies five functions (Identify, Protect, Detect, Respond, and Recover) as the five primary pillars for a successful cybersecurity program. These functions focus on cybersecurity management at a high level and define both proactive (i.e., protect before the attack – or left-of-bang) and reactive (i.e., response after the attack – or right-of-bang) […]

Risk of Delay

Many organizations have security policies that have an associated time frame. For example, a patch policy could be that a patch must be applied to a vulnerable server within a specific time frame. It makes sense since timely patching is an important security control – but patching can have a business impact (the need to reboot […]

Exchange, Solarwinds and Supply Chain Attacks

Another major cyber issue is making the rounds this week – the Microsoft Exchange vulnerabilities published last week. The issue is the known exploitation of a set of unpublished vulnerabilities (CVE-2021-26855, CVE-2021-26857, CVE-2021-27065, CVE-2021-26858). These vulnerabilities are being used to attack on-premises versions of Microsoft Exchange Server. They can be used to access email accounts, […]

5 Good Practices for Policy based Cyber Risk

A risk management approach is fundamentally different than the standard approach to cyber security. It requires that organizations explicitly decide on what risks to ignore – an outcome of really deciding where to focus. That is anathema to most security folks – but that is exactly what is needed at the executive level. As […]

…and Cisco Scores a Perfect 10!!

Cisco just published a vulnerability that could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The CVE-2021-1388 vulnerability ranks 10 (out of 10) on the CVSS vulnerability-rating scale. The weakness is considered critical because even an unauthenticated attacker could remotely exploit it through the affected API. Affected products were announced in […]

All the (cyber) World’s a Graph

Graphs are about the connectedness of objects. Graphs show us correlation and dependence between seemingly random objects as well as the degrees of freedom and separation from other objects. Social graphs (like Facebook, Twitter and LinkedIn) have had a huge impact on society (both good and bad) and how we interact. Graphs allow us to create predictive models […]