Mar 12, 2019 8:30:00 AM

Attack Surface Ep. 5: What's Up with Ransomware and Cryptomining?

I was recently intrigued by the increased number of reported ransomware attacks on local governments. Since the start of the new year, cities such as Akron, Ohio and Sammamish, Washington have been temporarily crippled by ransomware. Often, attacks on “big fish” make the headlines… but what about the “little fish”? Why are we seeing an uptick in attacks on smaller entities? What kind of threat does ransomware pose to small businesses and local governments? For answers, I turned to my colleague and cybersecurity expert, Dr. Wesley McGrew, and asked, “What’s up with ransomware?”. This led to an interesting discussion around the evolving attack methods used by threat actors, specifically ransomware and cryptomining, and why smaller entities are their prime target.

Topics: ransomware, Attack Surface, Podcast

Feb 7, 2019 6:30:00 AM

How to know if you need Digital Forensics

For many, the thought of being a part of a digital forensics examination can be stressful and intimidating. But determining if you or your organization needs to initiate a digital forensics exam can be equally difficult. While some situations will naturally lend themselves towards a digital forensics exam, there are some instances where the answer may not be so clear. For the purposes of this article, a digital forensics exam includes any examination of digital devices that could be involved with a legal matter at some point in time. Let’s walk through a few examples...

Topics: digital forensics

Jan 24, 2019 9:30:00 AM

What's Missing from Your Security Strategy?

I have seen that there’s often a flaw in logic with organizations when it comes to cybersecurity. The market has been flooded with products and services that “AUTOMAGICALLY” take care of security and stop attackers. That’s right, “automagically.”

Topics: Executive Insights

Jan 8, 2019 11:06:27 AM

Attack Surface Episode 3: Reverse Engineering Ransomware

In our latest episode of Attack Surface, I sit down with Director of Cyber Operations, Wesley McGrew, to discuss reverse engineering ransomware. McGrew discusses the benefits of reverse engineering in advanced penetration testing, digital forensics, and incident response. As he noted in a previous blog post, reverse engineering can answer the following questions for an organization in the wake of an attack:

Topics: Reverse Engineering, Podcast

Jan 3, 2019 9:30:00 AM

Our 5 Most Read Blogs of 2018

As we transition into the new year, we look back at 2018… from previewing DEF CON and Black Hat USA talks to cryptocurrency mining and blockchain, our readers, clients, friends, and teammates gave us a space to discuss the latest in cybersecurity. For this, we thank you!

Topics: ransomware, black hat USA, SOC for Cybersecurity, Executive Insights, DEF CON

Dec 12, 2018 9:00:00 AM

Attack Surface Ep. 2: Predictions for 2019 Cybersecurity Trends

If you're curious about the changes in the threat landscape, organizational roles, and industry business models in the coming year - this episode was made for you. As 2018 comes to a close, our team of security experts has been reflecting on and looking at recent industry trends. Many of said trends are predicted to remain or become even more prevalent in 2019, including increased physical hacking and changing organizational roles.

Topics: Podcast

Oct 31, 2018 9:30:00 AM

Cybersecurity Lessons from WWII Propaganda

In honor of National Cybersecurity Awareness Month, let's look at how principles from World War II propaganda can teach us valuable lessons in the way we treat cybersecurity today.

Topics: Executive Insights

Oct 17, 2018 8:56:00 AM

Six Considerations for Purchasing Cyber Insurance

In our most recent blog, Brad Pierce discussed what a cyber insurance policy is not. It is not a savior in the wake of a data breach. It is not a replacement for proactive, resilient security measures. What it is, however, is a component of an effective incident response strategy. In this post, I would like to take the time to discuss considerations organizations should take when purchasing a cyber insurance policy.

Topics: Cyber Insurance

Oct 15, 2018 9:00:00 AM

Attack Surface Ep. 1: Three Strategic Investments for Your IT Shop

Join HORNE Cyber’s marketing director, Ashley Madison, as she sits down with Mike Skinner and Brad Aldridge to discuss “Three Strategic Investments for Your IT Shop” on Episode 1 of Attack Surface: The Cybersecurity Podcast for the Want-To-Know Organization.

Topics: Executive Insights, Podcast

Oct 3, 2018 8:55:29 AM

What Cyber Insurance Is Not

The topic of cybersecurity insurance seems to be on the radar of most organizations I speak with. There are a lot of questions around how much coverage is needed and what exclusions one should be on the lookout for when purchasing a policy. I usually try to use this as an opportunity to talk about what a cyber insurance policy is not, and I’ll get to that later.

Topics: Cyber Insurance

Sep 25, 2018 9:30:00 AM

Developing an Incident Response Strategy: Preparing for the "What Ifs"

When we think about the impact of an unexpected event, it can often leave us with varying emotions. In many cases, those emotions are not pleasant… such as panic and stress, feeling vulnerable or lacking control over the world around us. All too often we see clients experience these feelings during the wake of and after a cybersecurity incident. Cybersecurity incidents are always considered the “what ifs”, too often not measured as a strategic threat. An unexpected cybersecurity incident promises negative impact and can sometimes be catastrophic to an organization. So, what can you do? How can your organization be more resilient? How can you better prepare, and experience calm in a time of crisis?

Topics: incident response

Jul 25, 2018 9:30:00 AM

Cybersecurity & Blockchain: What You Need To Know

If you have turned on the TV or been on the internet then most likely you have heard the term "Blockchain". As one of the hottest buzzwords in the tech industry today, it promises to open new ways of doing business and allows strangers to trust each other. In fact, blockchains are already doing these things and will only continue to increase in prominence and importance.

Topics: blockchain

Jul 17, 2018 9:30:00 AM

Speaking in Vegas: DEF CON 26 & Black Hat USA 2018

Shot by Wesley McGrew in Las Vegas in 2017 The most important gathering of hackers and security professionals each year is held in the dry heat of Las Vegas’ summer. It started in 1992 with DEF CON, and has grown into a week-long series of concurrent and complementary conferences, meetings, parties, and events where information security researchers share their latest findings, practitioners network, and IT staff attend to learn about protecting their own companies’ networks. The original conference of the set, DEF CON, remains cash-only at the door—no ID required—allowing both security professionals and the hacking underground to meet with no pretense to break bread and exchange ideas. More than a little actual hacking goes on, as well.

Topics: black hat USA, DEF CON

Apr 18, 2018 9:30:00 AM

Coping with Ransomware Fatigue

Ransomware attacks have increased in number and financial impact significantly. According to the FBI, the cost of ransomware attacks in the past few years has reached into billions of dollars, with the total impact doubling each year. Ransomware attacks can be the result of widespread malicious software, like the high-profile "WannaCry" attacks, or the end-goal of very targeted attacks launched against your organization by threat actors that have compromised your servers or users' workstations.

Topics: ransomware

Mar 13, 2018 9:09:30 AM

High Expectations for Service, With Reverse Engineering

A cornerstone of a cybersecurity firm is in their “reverse engineering” capability. It is a necessary part of responding to breaches, keeping up with the state-of-the-art in threats, and enhances the coverage of penetration testing and red-team engagements. While it separates leaders from followers in the industry, very few business stakeholders have had the opportunity to learn what “reverse engineering” means, how it can be a measure of a security service provider’s capability, and how such services can directly benefit an organization.

Topics: digital forensics, Penetration Testing, data security, cybersecurity, information security, ransomware, advanced penetration testing, incident response, Malware, Executive Insights

Mar 6, 2018 10:30:00 AM

Choosing the Right Security Option for Your Organization

Cybersecurity in layers has been the go-to security model for some time now. There’s no one solution that will properly secure your organization’s network and sensitive information. In today’s environment, it takes an orchestra of teams, tools, and active threat detection and prevention operations to properly secure your organization from an attacker. It has become very clear that traditional layers, such as anti-virus, firewalls and monitoring tools, are just not enough. Attack emulation is a critical security layer that not only focuses on known vulnerabilities but also shows what a real attacker could do to your organization. If you are serious about finding your organization’s security weaknesses and resolving them, you’re likely going to need help from a third-party.

Topics: Penetration Testing, cybersecurity, advanced penetration testing, Security Budget, Executive Insights, Good Enough Cybersecurity

Oct 3, 2017 10:26:00 AM

The Cybersecurity Industry: Ignorance is Bliss

As I’ve pointed out before, the greatest threat to cyber security that organizations face today is the cybersecurity industry itself. I’ve long noticed that every business advisory firm in the country is now offering “penetration testing”, even as a critical industry talent shortage points to that not being possible. All you have to do now is buy a $2000 license for a vulnerability scanning tool, send an employee to a two-week training, and BOOM you have a “penetration tester.” 

Topics: Executive Insights, Good Enough Cybersecurity

Jul 18, 2017 10:34:00 AM

Cybersecurity and Construction: Can a Breach Happen to Me?

As a contractor, if you think that cyber attacks “will never happen to me”, it’s time to reconsider your stance. Construction companies are an attractive target for a wide variety of cyber criminals, and the attackers are becoming more active and aggressive. Despite what you read in the news, hacking is not limited to political scandals and major retailers. It’s no longer a question of “if” you will be breached—the question is “when?”.

Topics: cybersecurity, Construction

Jun 13, 2017 10:03:00 AM

Why an Engaged C-Suite Matters in Improving Cyber Security

In a recent article, I talked about how the C-Suite can get past not being technical and take an offensive mindset to cyber security. I think the big message there was to get involved. Part of an organizations IT leadership and consultant’s responsibility is to provide logical explanations of the threats and vulnerabilities that exist and how they can impact confidentiality, integrity, and availability of an organization’s operations, and the C-Suite should want to hear about it. It’s also important to understand the level of effort it takes from your team to mitigate and remediate threats and vulnerabilities so that you can begin to evaluate if you need to make a decision such as realignment of staff or finding a 3rd party partnership.

Topics: Executive Insights

May 30, 2017 10:11:00 AM

Cyber Security Silver Bullet: If It Seems Too Good to be True, It Probably Is

I’ve said it before and I’ll keep on saying it: The greatest threat to cyber security could likely be the cyber security industry itself and the “good enough” mindset.

Topics: Executive Insights

May 23, 2017 10:14:00 AM

There’s Simply No Such Thing as “Good Enough” in Cyber Security

History tells us that there comes a time when almost every new innovative service starts to lose ground to a “good enough” competitor.  In fact, many of the products that we buy are much cheaper than the original models, because competitors cut corners to make something that is good enough to fit our needs at a cheaper price. As a director of operations, I can fully appreciate a lower priced option that still fits the needs of my organization.

Topics: Executive Insights

Apr 13, 2017 10:08:00 AM

Don’t Let Cybersecurity Wag the Dog

When “the tail is wagging the dog”, you know that something has gone wrong. Priorities are not straight, and a part of the system does not understand its role. Providers of offense-oriented security services, such as penetration testing and red team engagements (which I’ve described in previous articles), often make draconian recommendations that, in pursuit of least effort, wind up impacting your ability to do business. When you get these recommendations, you should ask yourself: Is this vendor acting like a partner in my business, or are they content with it being inhibited as a result of their recommendations?

Topics: data security, cybersecurity

Mar 23, 2017 10:03:00 AM

Cyber Security for the Road Warrior

In my previous columns, I’ve been describing the benefits of having offense-oriented testing performed on your company’s network. This time around, I want to give some advice for the road warriors among you. Many of you have to travel for work, and present an attractive target to cyber criminals that want to steal trade secrets, customer information, or even infect your system in a way that puts your network at risk when you return to the office. You can, however, work on the road in a much more secure way, armed with some basic precautions and awareness.

Topics: cybersecurity

Mar 9, 2017 9:42:19 AM

Why "I'm Just Not Technical" is No Longer an Excuse in the C-Suite

I cannot tell you how many board presentations and meetings I have been in and heard "I am just not technical". Not being “tech savvy” is no longer a valid excuse to not understanding the threats your organization faces and what needs to be done to provide protection. If you are in the budgeting, decision making or approval process of technology in your organization, you have no choice.

Topics: cyber risk

Mar 2, 2017 10:00:00 AM

How Much Should You be Spending on Cybersecurity?

We often hear clients and prospective clients asking “how much should I be spending on cybersecurity?” That is a very complex question and one that is not easily answered without first having an understanding of what is meant by cybersecurity. There are many different versions of cybersecurity being pushed in the market and there is no "one size fits all" solution despite what your vendor may tell you. The key is in spending for what is right for your organization, not simply deciding that a set percentage should be spent on these solutions. Below are some key questions that you should ask of yourself:

Topics: IT Budget