
How To Handle A Security Breach

Dealing with a security incident is difficult to do well, but easy to do badly. The headlines are filled with examples of bungled security incidents. There’s the fudging: UK telco TalkTalk initially confused customers with conflicting statements after its 2015 breach, which saw it lose 157,000 customers’ financial details. There’s the failure: The OPM’s mismanagement […]


What We Learned from WannaCry

Josh Zelonis is irritated. The senior analyst at Forrester Research got more frustrated every day that he read coverage of WannaCry, the ransomware strain that ravaged the Internet last month. Much of the public conversation focused on the NSA, arguing that it shouldn’t have let hackers (a mysterious group called the ShadowBrokers) steal its treasure […]


Cyber-Espionage: How To Spot It and Stop It

This month, Verizon released its Data Breach Investigations Report (DBIR) for 2017. One thing stood out: the rise in cyber-espionage. Spies take many different forms, but they’re all after corporate information. How can you stop them pilfering your secrets and getting a market advantage? Verizon saw more espionage-related breaches this year than last. 2016’s report […]


Purple Teaming: How To Play Cybersecurity War Games Properly

Cybersecurity strategists love quoting ancient Chinese military strategist Sun Tzu, who wrote the book on warfare. “If you know others and know yourself, you will not be imperiled in a hundred battles,” he said. “If you do not know others but know yourself, you win one and lose one.” Companies should think about that when […]


North Americans: Get Ready For GDPR

In May 2018, the most significant privacy regulation ever will take effect. The General Data Protection Regulation (GDPR) is an EU measure, but US and Canadian companies who think it doesn’t affect them are in for a rude awakening. GDPR affects anyone storing sensitive data about anyone in an EU member state, putting most larger […]


ShadowBrokers Go Out With A Whimper

Note: Story updated on April 17 to reflect second dump of ShadowBrokers files. The ShadowBrokers hacking group made two more splashes this month, resulting in both a ripple and a wave. Firstly, it released the password for the archive of NSA hacking tools that it originally tried to sell off last August, causing a collective ‘meh’ […]


If Vendors Won’t Patch Their Software, This Firm Will

What happens if you’re a vendor that’s slow to patch a known flaw? It’s possible that someone else may step in and do it for you. That’s what has been happening for the past few months with products from vendors such as Adobe and Microsoft. Most recently, Slovenian security consulting firm Acros Security stepped in […]


The hacker who came in from the cold

A former Canadian hacker is back in the limelight – this time, with a documentary preaching cybersecurity, and a top film festival slot. So how did Michael Calce get from there, to here? Back in 2000 when Calce was 15, he was better known as Mafiaboy. He became infamous for discovering a common weakness in […]


Security standards for the blockchain

In the future, your data may be secured not by some central gatekeeper, but by a vast, distributed set of participants, each holding some or all of it. Blockchain technology is the new frontier of cybersecurity, but it’s also the Wild West of information architecture. What efforts are being made to standardize it? The blockchain […]


Video: Cybersecurity training is broken. Here’s how to fix it.

User awareness training isn’t working. It hasn’t worked for a while. There are good reasons for this, and as cybersecurity threats mount, it would be good for security pros to understand them. SecTor sat down with several experts at its tenth annual conference in October 2016 and asked them what was wrong. Here’s what they […]


Video: Your Single Biggest Cybersecurity Improvement

There are, at the time of writing, 331 days until the new year. That’s a lifetime in cybersecurity. What major goals are you hoping to achieve in your cybersecurity practice before then? SecTor sat down with six experts to get their recommendations for the single priority to focus on in 2017. Here’s what they had […]
