contributed

Focusing on advanced persistent threats can blind organizations to more likely and equally dangerous adversaries, according to Thomas Hofmann of Flashpoint.

Opinion: Don’t Be Blinded by APTs

In this industry perspective, Thomas Hofmann of Flashpoint says that sensational coverage of advanced persistent threat (APT) actors does little to help small and mid sized firms defend their IT environments from more common threats like cyber criminals. The key to getting cyber defense right is understanding the risks to your firm and prioritizing investments to protect critical IT assets.

Podcast Episode 94: Black Report takes Hacker View and Securing the Open Source Supply Chain

Podcast Episode 94: Black Report takes Hacker View and Securing the Open Source Supply Chain

Podcast: Play in new window | Download (Duration: 35:55 — 41.1MB)Subscribe: Android | Email | Google Podcasts | RSSIn this episode of the Security Ledger Podcast we do a deep dive into the recent Black Report by NUIX – which flips the script by asking hackers and pen testers their opinions about how they hack firms and what defensive strategies and technologies work best at stopping them. Also: Rami Sass the CEO and co-founder of this week’s sponsor, WhiteSource Software, joins us in the Security Ledger studios to talk about how a white knuckle audit of his company’s open source dependencies eight years ago prompted him to start WhiteSource, which makes a tool for managing the open source software supply chains. 

Data stolen in a breach can surface months or years after the victimized firm has returned to "business as usual," warns Thomas Hofmann of the firm Flashpoint.

Taking the Long View of Breach Fallout

In this industry perspective, Thomas Hofmann, the Vice President of Intelligence at the firm Flashpoint* warns that the effects of data breaches can often be felt months or years after the actual incident, as stolen data bubbles up in underground marketplaces. He has three pieces of advice for companies that want to develop an incident response plan that mitigates the damage of breaches in the short term and over the long term.   

GlobalSign became the latest Certificate Authority to promise PKI at Internet of Things Scale.

IoT Security’s Known Unknowns | Network World

As Internet of Things devices proliferate, it’s more important to discover how many and what kind are on your network and figure out how to make them secure. Editor’s Note: this article first appeared on Network World. You can read the article here at Network World Insider. 

Modern table boardroom with chair in morning / meeting associate concept.

How To Make Your Intelligence Program Ready for Executive Consumption

In this Industry Perspective, Thomas Hofmann of the firm Flashpoint* writes that cyber threat intelligence professionals from the government don’t just bring their skills when they migrate to the private sector – they bring their jargon, also. Communicating effectively with the C-suite, however, demands making threat intelligence ready for executive consumption.  Spread the word!119shares14969