UEFI: 5 Recommendations for Securing and Restoring Trust
This blog post expands on concerns brought to light from recent UEFI attacks, such as BlackLotus, and highlights 5 recommendations to secure and restore trust in the UEFI ecosystem.
Read MoreThis blog post expands on concerns brought to light from recent UEFI attacks, such as BlackLotus, and highlights 5 recommendations to secure and restore trust in the UEFI ecosystem.
Read MoreThis post examines how a small issue with Border Gateway Protocol routing, a deprecated path attribute, can cause a major interruption to Internet traffic.
Read MoreThis post outlines 10 lessons learned from more than three decades of building incident response and security teams throughout the globe.
Read MoreThe average insider risk incident cost organizations more than $600,000. To help organizations assess their insider risk programs, the SEI CERT Division has released two tools available for download.
Read MoreCOVID-19 changed the nature of the workplace. In this evolving climate, organizations need to be increasingly vigilant against insider incidents. In this post, we present the 13 key elements of an insider threat program.
Read MoreCOVID-19 changed the nature of the workplace significantly. In this evolving climate, organizations need to be increasingly vigilant against insider incidents. In this post, we present the 13 key elements of an insider threat...
Read MoreWe commonly think about risks having negative consequences. With each month bringing new cybersecurity threats, breaches, and vulnerabilities, sound risk management practices are necessary….
Read MoreMost organizations have good enterprise-level security policies that define their approach to maintaining, improving, and securing their information and information systems….
Read MoreIn previous posts of our series analyzing and summarizing insider incidents across multiple sectors, we presented up-to-date statistics from the CERT National Insider Threat Center (NITC)….
Read MoreSeptember 2019 has been declared National Insider Threat Awareness Month by the National Insider Threat Task Force, the National Counterintelligence and Security Center….
Read MoreThe best way to learn is by doing. But when it comes to penetration testing, learners risk legal implications and bad habits if they don’t follow ethical, safe procedures….
Read MoreTuning detective controls is a key component of implementing and operating an insider threat program, and one we have seen many organizations struggle with….
Read More