Jenny Radcliffe on People Hacking
Glenn Ware on Threat Management
Sanjay Subramanian: Information Siloes Exacerbate Threats
“Life can only be understood backwards; but it must be lived forwards.” – Søren Kierkegaard - Most security programs are designed to pass a test. Policies are documented. Controls are mapped. Tools are deployed. And for a...more
As tensions flare in the Middle East, speculation is growing over the potential impacts of Iranian cyberattacks targeting US based companies and infrastructure. We saw similar reactions in 2020 following the death of the head...more
Credential-based threats—such as password sprays, token reuse, and low-complexity sign-in attempts—remain a constant operational burden. While these activities are easily detected in most environments, the workflows to fully...more
The Posture Visibility Problem - CrowdStrike Cloud Security Posture Management (CSPM) provides critical visibility into misconfigurations—such as publicly accessible storage, unencrypted assets, and overly permissive...more
The tragic murder of two Israeli Embassy staffers in DC on May 21 is a sobering reminder that tensions between pro-Israel and pro-Palestine groups remain high after October 7, 2023. In the aftermath of that war, several...more
In a world where threats to our personal and professional safety are constantly evolving, how prepared are you and your clients—really? Join us for our webinar program, “How Vulnerable Are You? Identifying, Mitigating &...more
In this weekly update, we summarise the most notable updates in the UK sanctions world....more
When Security Tools Don’t Talk to Each Other - Managing multiple security tools shouldn’t feel like juggling. But for many teams, that’s the reality—especially when their endpoint protection and SIEM don’t automatically...more
On March 12, 2025, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), issued a...more
Online abuse in sports has reached alarming levels, targeting athletes, coaches, and officials, especially during high-profile events. Recognizing the growing threat, the National Collegiate Athletics Association (NCAA)...more
California employers will soon be able to more easily obtain temporary restraining orders (TROs) to protect employees from harassment before conduct has escalated to acts of violence or credible threats of violence under a...more
On August 21, 2024, the United States Cybersecurity and Infrastructure Security agency, alongside government agencies in key global allies, including Australia, the UK, Canada, and Japan, released guidance on event logging...more
Everyone thinks they can spot a phishing email. If true, we would not see so many security incidents, data breaches, and ransomware attacks. The statistics are overwhelming that phishing emails are a significant cause of data...more
Today’s ever-changing global threat environment—shaped by factors including geopolitical upheaval, sanctions, cyberthreats and ransomware attacks, pandemics and natural disasters, and artificial intelligence and emerging...more
In response to “multiple” cyber threat vectors, the Biden administration has asked governors of all 50 states to generate cybersecurity plans within 90 days (approximately July 1, 2024) to protect local water and wastewater...more
The Biden-Harris Administration is redoubling its efforts to improve cybersecurity for the nation’s water systems. In March, the EPA and the White House issued a dire warning to state governors alerting them of the need to...more
On December 15, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) issued a Secure by Design Alert and guidance on “How Manufacturers Can Protect Customers by Eliminating Default Passwords.”...more
In the spirit of the season, we are using our annual "12 days of the holidays" blog series to address new California laws and their impact on California employers. On the ninth day of the holidays, my labor and employment...more
As we learned in part one of this strategic planning series, strategic planning is a critical tool to help behavioral intervention and threat assessment teams (BIT) meet the mission, vision, and internal/external mandates of...more
Imagine, if you will, that you have survived a horrific plane crash on top of a snowy mountain. Littered next to you are pieces of the plane, limited supplies, and one other survivor coming in and out of consciousness. Your...more
We previously reported on the unfortunate data breach suffered by 23andMe last month and its implications. We never imagined how horrible it could be....more
If you read about the world of hackers and cyber threats, you will quickly become numb to the creativity and variety of techniques that may threaten your organization. Like all risks, however, the key is to consider...more
Summary - An opinion about a category of unprotected speech called “true threats” sheds light on how a majority of the justices may view New York Times v. Sullivan, a key defamation case. It also resolves a split over the...more
On May 16, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released three advisories applicable to Industrial Control Systems (ICS). The Alerts cover vulnerabilities of Snap One OvrC Cloud, Rockwell...more
Threat actors never cease to find innovative ways to extort their victims. If only threat actors would use their creativity for good causes....more