Breach Response: Mitigating an Outbreak

By Azeem Aleem, Gareth Pritchard and David Gray, RSA Advanced Cyber Defense It’s mid-2017 and the news is alight with yet another alarming cybersecurity attack. A new strain of a malware variant, which on first analysis looks very similar to a previously reported malware strain called “Petya” (ransomware armed with the EternalBlue exploit amongst other methods including MS17-010, PSEXEC and auth-reuse to achieve lateral movement). EternalBlue is an exploit leaked…

June 28, 2017

What Really Led to WannaCry?

Much of the focus on WannaCry has been on how it works and what organizations need to do in the near term to recover. It’s important, however, to take a step back and ask ourselves why WannaCry became such a tour-de-force in the first place. After all, the security community has been talking about concepts like patch management for decades. For example, rapidly spreading worms like Slammer, Sasser, Nimda, Code…

May 19, 2017

What Your Business Can Learn from WannaCry

The biggest cyber attack began last week, spreading to more than 150 countries and infecting 200,000 machines. The outbreak is a ransomware threat, WanaCrypt0r 2.0 also known as WannaCry, with worm-like capabilities leveraging an exploit against vulnerable Microsoft Windows® operating systems. Ransomware mimics the age-old crime of kidnapping: someone takes something you value, and in order to get it back, you have to pay up. Owners of the infected computers…

May 16, 2017


By Steve Mowll and Chris Williams Question: When it comes to the complexities of identity management, is what we try to do in identity management the problem or is it just inherently hard? Point: We might be making it harder than it needs to be. Setting complex requirements may affect long-term suitability and success. Chris Williams –Advisory Architect, RSA Identity Visiting with security and identity practitioners, talking about their missions,…

May 4, 2017

Chasing the Rabbit: Cybersecurity Through the Camera Lens

Azeem Aleem and Dave Gray Nothing will work if you are not serious about it – Sam Abell The blog post is intended to take a different perspective (pun intended) of how we view our security platforms and how to go about rationalizing our Business-Driven Security™ decisions about cyber threats and mitigation strategies. It all comes down to perspective, which is a cognitive capacity and is essential in understanding the…

May 1, 2017

Is the cyberworld doomed to be unsafe forever?

Before seeking an answer, let’s question the question. I recently returned to the cybersecurity industry and (re)joined the good fight to secure the cyberworld. As the digital era unfolds, it feels good to be part of this mission-driven industry to help create a safe digital future. While a lot has changed, and there have been great advances in technology, does the cyberworld feel any safer today than before? We are in…

April 24, 2017

Fraud Management Metrics that Drive Investment

If your role is responsible for a budget, your work ultimately revolves around one word: metrics.  It is a word we often dread, because we can never seem to get it right.  I live and breathe metrics in marketing, and if you are the gal or guy responsible for the fraud management or cyber security program in your organization, you will completely understand what I am about to say. In…

March 14, 2017

RSA and the Power of CommUNITY

After attending RSA Conference 2017 it was clear the theme – The Power of CommUNITY – was a thread throughout the conference. This was seen in several places: Dr. Zulfikar Ramzan, CTO of RSA, mentioned this topic several times in his keynote on Tuesday morning. He urged us as an industry to “draw connections” and use “technologies [that] leverage business context from each other, they can prioritize the incidents that…

March 2, 2017

What do RSA Conference 2017 and my DVR have in common?

Another year, another RSA Conference. At this point, I have lost count of my appearances at this annual gathering of all things security – I believe it was number 15 or 16 for me. I say “appearances” because the days blur into such a steady stream of meetings, discussions and general sensory overload that at the end of the week, I know I ‘appeared’ many places, but still wish I…

March 1, 2017

Business-Driven Security™ to Lead through Chaos

My last post discussed the changing nature of security. The impact of today’s cyberattacks aren’t limited to stealing financial information or personal data. Instead, these attacks seed chaos. With this reality at hand, the need for business-driven security is even more pronounced. Security professionals must draw connections between the technical details of a security incident and the corresponding business impact. Otherwise, they’ll fall into the gap of grief. I covered…

February 16, 2017