A Comprehensive Guide to Securing the Supply Chain

In today’s digital age, securing the supply chain has become more critical than ever. Cyber attackers are constantly looking for ways to breach the supply chain and steal sensitive data, manipulate transactions, and cause disruptions. Therefore, businesses must take proactive measures to protect their supply chain. In this article, we will explore the targets of hackers, common attack techniques and trends against the supply…

OT vs IT: Understanding the Differences

Operational Technology (OT) and Information Technology (IT) are two distinct domains that differ in their purpose, infrastructure, and security requirements. IT deals with data processing, storage, and communication technologies that are used to manage and support business operations. On the other hand, OT deals with the hardware and software systems that control and monitor physical processes such as manufacturing, energy production, transportation, and building…

The Booming Ransomware Economy: A Growing Threat to Business

Ransomware attacks have become one of the most significant threats to individuals, businesses, and governments around the world. Cybercriminals use ransomware to encrypt victims’ files and demand payment in exchange for the decryption key. In recent years, the frequency and sophistication of these attacks have increased, resulting in significant financial losses for victims and driving the growth of a thriving ransomware cybercrime economy. The…

Exploring the Use Cases for ChatGPT in Cloud Computing

ChatGPT, a large language model developed by OpenAI, has numerous applications in cloud computing. As businesses increasingly adopt cloud computing, the need for intelligent and flexible tools to manage cloud-based environments is becoming more crucial. In this article, we will explore some of the use cases for ChatGPT in cloud computing. Cloud Service Management ChatGPT can be used as a chatbot for cloud service…

Ransomware Readiness Can Reduce Costs

Cybersecurity is a top priority for businesses of all sizes in today’s digital age. With the ever-increasing number of cyber threats, it is becoming more important than ever to protect your business from potential attacks. One of the most significant threats facing businesses today is ransomware, a type of malware that encrypts a victim’s data and demands payment in exchange for the decryption key.…

The Evolution of AI Security Tools: From Novelty to Necessity

Artificial intelligence (AI) has been one of the most significant technological advancements of the 21st century. In the realm of cybersecurity, AI has played a critical role in the development of new and innovative security tools designed to help organizations protect their networks and data from cyber threats. In this article, we’ll take a closer look at the evolution of AI security tools and…

Cyber Security Tips for SMBs

Cyber attacks are a growing threat to small and medium-sized businesses (SMBs). In fact, according to a recent report from the Ponemon Institute, SMBs are now more likely to be targeted by cyber criminals than larger businesses. There are a number of reasons why SMBs are more vulnerable to cyber attacks. SMBs often have less resources than larger businesses, which means that they may…

Some Thoughts About Future of SOCs

Cybersecurity is one of the most important issues facing businesses today. With the rise of data breaches and other cyber attacks, it is more important than ever to protect your business from these threats. One way to do this is by implementing a security operation center (SOC). A SOC is a centralized location where you can monitor and manage your cybersecurity operations. SOCs play…

Artificial Intelligence and the Future of Work

With the industrial revolution, labors experienced a great deal of fear that machines would take their place. We seem to experience a similar situation in the not too distant future due to Artificial intelligence (AI). AI is changing the way we live and work and its impact on the jobs is no exception. In the field of security, we can see the development of…

Network Detection and Response

As organizations, and security teams, we purchased many security devices for providing both network and endpoint security. However, attacks continue at the same pace, even we faced bigger attacks last year, and they are getting more sophisticated. So, what is the next step for organizations? NDR market guide was shared last year by Gartner. As the idea, NDR uses (or must use) artifical intelligence…

CSA Announced Their 50 Trusted Providers

The Cloud Security Alliance (CSA) announced the selection of a first round of “trusted providers” for cloud security. CSA, a dedicated organization for defining best practices for cloud security, assumes that these trustmarks (will be displayed on each organization’s Security, Trust, Assurance and Risk (STAR) registery) will assist customers in identifying cloud providers that demonstrate their commitment. There are some criteria that companies must…

A Sad Story: Don’t Invest, Just Prodigalize

Last week, a friend called me, gave some bad news about a company. The company was looking for help since they became a victim of Egregor ransomware and trying to learn what to do against attacker since the attacker got their all data, encrypted it and gave three days to be paid 500k dollars. The attacker threatened them to publish their data in public…

Third Party Connections’ Security

Do you want your partners trust you directly? Well, do you trust your third party partners directly? When adversaries  are in, they always check different ways to reach more places. So, if one of your trusted third party connection got hacked, it means that there is just a short time they find your connection, and get inside if you did not make your connection…

Host-Based Firewalls – A Possible Nightmare for IT Pros

With increasing remote workforce process during Covid-19, clients are now more independent with their laptops and mobile phones that also being used for personal usage besides organizational usage. Not only workers, but also computers and data are now outside the organization and most of the protection layers such as firewall and IPS. Vulnerabilities and attacks continue to surface but remote users’ connection and VPN…

“MUST” Practices for AntiVirus

Last week, I hearth that an organization did not add antivirus agent to their PC image. They are formatting the PC with their image, then connecting to the network and waiting for the sccm installing the antivirus software to the PC. Also, for remote users working on the field, some contracted partners are formatting the PCs since these users cannot come to the company,…

Email Security – A Buyer’s Guide

All IT professionals know that most of the cyber attacks begin with an email. Actually, according to statistics of Phishme Defense Guide 2017, 91% of cyber attacks began with an email. It is not surprise, since all we know that the human is the weakest part of cyber defense. If the users have not enough awareness – this might be the IT professionals’ fault…

Is DLP Dead?

DLP is a technology we use more than one decade. The starting point of DLP was protecting IP (Intellectual Property) of the organizations and became very popular for too many sectors. Organizations spent, and still spending millions of dollars for DLP solutions, to protect their private data. However, Gartner says; “They become an annoying or toothless technical control rather than a component in a…

Fall of A Hero – Rise and Fall of AV

All IT Security experts surely faced with such situations that anyone who does irrelevant with security, know only AV about computer security. AVs was the hero of our security for long times. Legendary TimesAVs begin their advanture as signature based protection against known viruses and worms. With the development of the threats; fisrtly with script kiddies, than financially motivated hacker groups, it was enough…

A Guide to Choose EDR

As spoken in all security events in last decade, the attacker’s purposes and methods have changed greatly and become more complex. As if this is not enough, increase in the number of the mobile devices used in the organizations and moving some (or most of the) services to cloud made endpoints’ protection more difficult. With the expanded cloud usage and development of the mobile…