Posts tagged Breach Preparedness

8 min Verizon DBIR

Key Concepts and Findings from the 2019 Verizon Data Breach Investigations Report

Our Rapid7 Labs research team has pored over Verizon Data Breach Investigations Report to identify some key waypoints to help the Rapid7 community navigate through this sea of information.

2 min Incident Response

4 Key Lessons from the Citycomp Data Breach

On April 30, 2019 Motherboard reported on a combined data breach and extortion attempt against Citycomp, a network and internet infrastructure firm based in Germany.

5 min Breach Preparedness

Phishing Attacks Duping Your Users? Here’s a Better Anti-Phishing Strategy.

You’ve hired the best of the best and put up the right defenses, but one thing keeps slipping in the door: phishing emails. Part of doing business today, unfortunately, is dealing with phishing attacks []. Few organizations are immune to phishing anymore; it’s on every security team’s mind and has become the number one threat to organizations [

4 min Incident Response

Prepare for Battle: Let’s Build an Incident Response Plan (Part 4)

This is not a drill. In this final installment, read our recommendations for handling a real incident. Whether opportunistic or targeted, here's what you should be thinking about.

4 min Incident Response

Prepare for Battle: Let’s Build an Incident Response Plan (Part 3)

Now, it’s time for the fun stuff. While an incident response plan review may feel like practicing moves on a wooden dummy, stress testing should feel more like Donnie Yen fighting ten people for bags of rice in Ip Man

4 min Incident Response

Prepare for Battle: Let’s Build an Incident Response Plan (Part 2)

In Part 1, we covered key considerations when drafting an incident response plan. Here, we'll cover the best way to get buy-in from key company stakeholders...

4 min Incident Response

Prepare for Battle: Let’s Build an Incident Response Plan (Part 1)

Creating and testing an IR plan mitigates risk—help your organization perform at its best by preparing it for the worst. Join us for Part 1: drafting the plan.

4 min Incident Detection

Changing the Corporate Network Attacker’s Risk-Reward Paradigm

Defending a corporate network is hard, while attacking one is all too easy. We break down the risk/reward ratio for corporate attackers and what we can do to change it.

3 min Security Strategy

Stop aiming for security perfection—just do what's right

Guest author Kevin Beaver discusses 'relentless incrementalism' in building out and improving security programs.

3 min Compliance

Australian Privacy Amendment (Notifiable Data Breaches) Bill 2016

Mandatory notification of data breaches is becoming more commonplace across the globe. Many financial institutions are now required to comply with NY DFS [] , any organization processing the personal data of EU citizens should be in the midst of their GDPR [] preparations, and now Australia has announced that it will also be joining the party. The Privacy Amendment (No

3 min Breach Preparedness

The Legal Perspective of a Data Breach

The following is a guest post by Christopher Hart, an attorney at Foley Hoag and a member of Foley Hoag’s cybersecurity incident response team. This is not meant to constitute legal advice; instead, Chris offers helpful guidance for building an incident preparation and breach response framework in your own organization. A data breach is a business crisis that requires both a quick and a careful response. From my perspective as a lawyer, I want to provide the best advice and assistance I possibl

4 min Honeypots

Deception Technology: Can It Detect Intruders Earlier in their Attack Chain?

Every infosec conference is chatting about the Attack Chain, a visual mapping of the steps an intruder must take to breach a network. If you can detect traces of an attack earlier, you not only have more time to respond, but can stop the unauthorized access to monetizable data and its exfiltration. Even as attackers and pen-testers continue to evolve their techniques, the Attack Chain continues to provide a great baseline framework to map out your security detection program. Many of today's

4 min InsightIDR

Underestimating Attackers Gives Them an Advantage

All too often, the media reaction to data breaches is to tout the incredible sophistication of responsible parties, as if it is a shock that technological developments have made these events increasingly easier. There are some very key areas in which we need to stop underestimating the average attacker's abilities if we are going to slow down the growth of massive breaches and detect intruders more effectively. The term 'APT' distracts organizations from rational concerns When people first star

5 min Breach Preparedness

Attackers Have Luck On Their Side - Prevention Is Not Enough

Some security professionals mistake the "assume breach" mentality to be a statement that people are giving up on trying to prevent cyber attacks. To the contrary, many of us believe that you need to do everything in your power to incapacitate intruders, yet it is impossible to stop 100% of malicious actors from finding entry. There is solid logic behind this, and I want to use some (pre-Disney) Star Wars examples to illustrate. I apologize to any true fans out there - I have only watched the tri

5 min Skills

You Need To Understand Lateral Movement To Detect More Attacks

Thanks to well-structured industry reports like the annual Verizon DBIR, Kaspersky "Carbanak APT" report, and annual "M-Trends" from FireEye, the realities of modern attacks are reaching a much broader audience. While a great deal of successful breaches were not the work of particularly sophisticated attackers, these reports make it very clear that the techniques once only known to espionage groups are now mainstream. Lateral movement technologies have crossed the chasm I have written before ab