Exchange, Solarwinds and Supply Chain Attacks

Another major cyber issue is making the rounds this week – the Microsoft Exchange vulnerabilities published last week. The issue is the known exploitation of a set of unpublished vulnerabilities (CVE-2021-26855, CVE-2021-26857, CVE-2021-27065, CVE-2021-26858). These vulnerabilities are being used to attack on-premises versions of Microsoft Exchange Server. They can be used to access email accounts, […]

5 Good Practices for Policy based Cyber Risk

A risk management approach is fundamentally different from the standard approach to cyber security. It requires that organizations explicitly decide which risks to ignore – an outcome of really deciding where to focus. That is anathema to most security folks – but that is exactly what is needed at the executive level. As […]

…and Cisco Scores a Perfect 10!!

Cisco just published a vulnerability that could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The CVE-2021-1388 vulnerability ranks 10 (out of 10) on the CVSS vulnerability-rating scale. The weakness is considered critical because even an unauthenticated attacker could remotely exploit it through the affected API. Affected products were announced in […]

All the (cyber) World’s a Graph

Graphs are about the connectedness of objects. Graphs show us correlation and dependence between seemingly random objects as well as the degrees of freedom and separation from other objects. Social graphs (like Facebook, Twitter and LinkedIn) have had a huge impact on society (both good and bad) and on how we interact. Graphs allow us to create predictive models […]

Back to the Future: A 2023 Report on Effective Cyber Risk Management

I talk to a lot of companies about cyber risk management vs. cyber security. I seem to get one of two possible responses – the first being a blank stare, the second being wholehearted agreement but with the caveat that they are just starting on their journey to true cyber risk management. So even though […]

Groundhog Vulnerabilities

Groundhog Day is celebrated each year in the United States and Canada on February 2. It comes from a superstition that if a groundhog emerging from its burrow on this day sees its shadow due to clear weather, it will retreat to its den and winter will persist for six more weeks; but if it does not see its […]

Will Solarwinds be the Crisis Cybersecurity Needs?

All of us in the cybersecurity business like to believe that cybersecurity is a boardroom issue and has been for the last few years. On the other hand, we all know that most executives view cyber security as a technical issue to be handled by technologists, antithetical to corporate culture and a burden on doing […]

3 Clear and Present Cyber Dangers in 2021

According to the recently released World Economic Forum (WEF) Global Risks Report 2021, cyber risks continue to rank among the top ten clear and “present dangers” (high-probability risks over the next 2 years). This present danger translates into three key cybersecurity challenges for 2021: Increasing cybersecurity complexity – This is driven both by increased […]

Threat Intelligence + Threat Scenarios = Predictive Cyber Security

Cyber Threat Intelligence (CTI) involves analyzing information about threats and producing guidance on how to respond. An interesting 2020 survey by the SANS Institute on CTI (requires registration) found more organizations than ever adopting CTI programs and focusing on tactics, techniques and procedures (TTPs). The primary goals of these CTI programs are: threat detection (89%), […]

Capitol Breach and Cyber Threats

Last week pro-Trump rioters occupied portions of the U.S. Capitol building. This is a real issue for cyber defense, since once there is a known or presumed loss of physical security for systems, you can no longer assume the same level of trust for those devices. This scenario is similar to supply chain attack scenarios (like […]