Press

Top Microsegmentation Software for 2021

It seems that no matter how many security technologies, network perimeters, and intrusion prevention safeguards are erected, the bad guys somehow find a means of entry.

Mitre’s new deception framework: one part strategy, one part conversation

Mitre unveiled the “beta version” of Engage, the new framework for implementing deception into defense earlier this month. The concept, say its makers, is to deliver not just a better information source, but a way to “engage” with the philosophy of an underutilized concept.

Gartner report: Market Guide for Cloud Workload Protection Platforms

Today’s enterprises distribute workloads across complex hybrid- and multi-cloud environments and leverage multiple cloud service providers. Coupled with the increasing granularity of workloads and the ephemeral nature of cloud assets, workload security is one of the top challenges faced by enterprises.

Letting Businesses ‘Hack Back’ Against Hackers Is a Terrible Idea, Cyber Veterans Say

“So many things could go wrong, and very little can actually go right,” said Anup Ghosh, a former program manager at the Defense Advanced Research Projects Agency, or Darpa, part of the Defense Department.

Mr. Ghosh, now the chief executive of cybersecurity firm Fidelis Cybersecurity Inc., said that for a company, even deciding whom to counterattack is fraught with risks, given the difficulties of attributing attacks to individuals, gangs or nation-states. Introducing the private sector into the cyberwarfare arena also has national-security implications, he said, such as disrupting intelligence operations that companies might not know about.

‘A uniquely bad idea’? Senators propose hack back study, but most experts’ minds are made up

The more aggressive hacking victims are allowed to be, the higher the risk for collateral damage.

“I could certainly see hack back (or at least the threat of hack back) being a deterrent, and it would bring additional resources and expertise into the fight. I could also see this quickly spiraling out of control and causing collateral damage and further cyber escalation if it is not well regulated and coordinated,” said Chris Kubic, current CISO of Fidelis Cybersecurity and former CISO of the NSA.

Why it’s so difficult to bring ransomware attackers to justice

The private companies that are most often victims of these ransomware attacks can be blindsided about “who actually attacked them” because of the sophisticated nature of the attackers, according to Anup Ghosh, CEO of Fidelis Cybersecurity and a former researcher at the Department of Defense.
“Unlike a physical attack where you can do identification, in cyberspace it’s very difficult to do attribution with certainty,” he said.