Cybersecurity

AppGuard & Carahsoft Tap Leading Cybersecurity Experts to Discuss Hardware Hacks

AppGuard & Carahsoft Tap Leading Cybersecurity Experts to Discuss Hardware Hacks

Panelists worthy of any CISO’s attention, discussed and prioritized the methods China is using to compromise enterprises via their supply chain, including the currently rare, covert placement of spy chips into computing hardware. China’s ‘2025’ strategy to steal and degrade western economic power affects any enterprise that generates high-margin value and/or is in the same supply chain with those that do. The world has not seen such intense and pervasive nation-state aggression since the Cold War.

China Hack - Upcoming Expert Virtual Panel Discussion

China Hack - Upcoming Expert Virtual Panel Discussion

Reports of covertly adding chips to motherboards for industrial espionage require CISO’s to ask their peers and teams ‘what are the Chinese actually doing to steal data from organizations like ours’ and ‘what should we be doing to counter their efforts’? Enterprises targeted by China can get the answers and insights they seek from the panel Carahsoft and AppGuard have assembled. Hosted by Mike Lyons of CBS News, it features experts from the intelligence community, cybersecurity policy, and cybersecurity technology.

5 Critical Areas All CISOs Should Be Focused On - 1

5 Critical Areas All CISOs Should Be Focused On - 1

Panelists

Moderator: Neal Conlon, AppGuard Inc, VP Business Development

The CISO panel explored the challenges of 2018 and what remedies and priorities they consider important for 2019. Many enterprise cyber symptoms stem from inattention to basic blocking and tackling as well as under-utilization of existing tools. Flawed risk alignment contributes to these and other even greater issues. The panel also explored how the human factor affects cyber programs. They prescribed remedies to these matters that can be pursued in 2019 as well as shared what they expect to see next year.

5 Critical Areas All CISOs Should Focus on at Year End

5 Critical Areas All CISOs Should Focus on at Year End

AppGuard is facilitating a virtual panel discussion of CISOs on October 3rd to help them help each other better prepare for 2019. Attendees can expect to gain useful insights from peers and join the conversation. Five topics loosely tied to mitigating malware threats will be explored. 

Authentication: Don't Forget Endpoint Protection

Authentication: Don't Forget Endpoint Protection

Google recently stated that none of its 80,000 employee accounts using their Titan Security Key has been compromised since deployment. This is because this hardware authentication device is a possession factor that cyber criminals cannot electronically steal as they do passwords. But, as great as this and like tools are, they are susceptible when the endpoints using them are compromised. Read on to learn more about how your different authentication mechanisms depend on endpoint protection as well as the one capability you need for this but may have never heard about.

Mission: Protect Nanny's Computer

About a year ago I took on the role of CEO of one of the hottest emerging cybersecurity companies in the world. We were already embedded in critical infrastructure, large enterprises and organizations around the globe.

About 2 minutes after my 79 year old mom told me how proud she was, she said “What about my computer?”

One Single Agent for an Endpoint, One Giant Burden for IT/Sec-Ops

One Single Agent for an Endpoint, One Giant Burden for IT/Sec-Ops

There’s a pervasive, false perception in contemporary politics. The candidate that advocates spending the most on something cares most about solving the problem. Today’s endpoint protection suites are similarly ranked. Those with the longer list of features are ranked higher. Similarly, like features are seldom compared one-to-one but are presumed little different among different suites. The breadth and price of the package carries too much weight. Actual results bear too little, including level of effort. And ultimately, the features checklists have usurped the overarching mission of endpoint protection suites, preventing compromises.

Endpoint Protection: Operations Impact is Just as Important as Blocking Malware

Endpoint Protection: Operations Impact is Just as Important as Blocking Malware

One of today’s most widespread cybersecurity principles seems prudent on the surface but has made the enterprise cyber program a bloated, lumbering beast of burden. Defense in depth is simple to intuit; it is as obvious as two heads are better than one. Reality demands, however, that the enterprise optimize. How many are too many? What combination is best, and so on?  Clearly, finding that sweet spot depends more on just what mitigates the spectrum of prioritized risks. The following anonymous customer story exposes at least two other major dimensions that matter. These other two are the difference between excellence and mediocrity.

Data Breaches Are Still Accelerating Despite Bigger Budgets - There is a Solution!

Data Breaches Are Still Accelerating Despite Bigger Budgets - There is a Solution!

Soldiers in combat over the last century rapidly grow accustomed to the distant cacophony of artillery and bombs. Some even get desensitized to nearby explosions. How many of us react with shock and horror at a data breach headline? Few do. We all hear them rumbling in the distance all the time.

Look at all of the familiar names in this list of recent casualties: Sears, Kmart, Best Buy, Saks Fifth Ave, Lord & Taylor, Whole Foods, JC Penny, Walmart, Panera Bread, Sonic, Arby’s, AppleBees, Coca-Cola, Delta Airlines, Under Armour, Orbitz, Atlantic City, Equifax, Yahoo, SunTrust Banks, Blue Shield of California, Western Union, Boeing, CareFirst BlueCross BlueShield, and Bed Bath & Beyond.

More Endpoint Protection with Less

More Endpoint Protection with Less

The Enterprise is Bloated with Cybersecurity Junk Food

Over the last decade, adversaries have been quite artful in managing to steal from the enterprise, mostly by compromising its poorly protected endpoints. Year after year, the adversaries and defenders add new tools and practices to their craft. The adversary simply discards one thing when something better exists. But for the enterprise, staying lean and fit is anything but easy.

"Meltdown" and "Spectre": Antivirus Tools Caught with Their Hands in the Windows Cookie Jar

"Meltdown" and "Spectre": Antivirus Tools Caught with Their Hands in the Windows Cookie Jar

The Meltdown and Spectre vulnerabilities in Intel and other CPU’s are most disturbing because these exist beneath the reach of software-based cyber controls to explicitly intervene. To mitigate risks from the Meltdown and Spectre vulnerabilities in Intel and other CPU’s, AppGuard customers need not do anything other than implement operating system patches, as should be done regardless. No unusual actions are necessary to implement these patches with AppGuard.

Cyber and Physical Security Come Together for First Time with Partnership between AppGuard and UFC Fighter and Green Beret Tim Kennedy’s Sheepdog Response

Cyber and Physical Security Come Together for First Time with Partnership between AppGuard and UFC Fighter and Green Beret Tim Kennedy’s Sheepdog Response

Through Partnership, Sheepdog will Offer its Physical Security Customers with Access to AppGuard Autonomous Endpoint Security, and AppGuard will provide its Customers with Access to Sheepdog’s Training

AppGuard Customers Protected Against Process Doppelgänging - Fileless Attack

AppGuard Customers Protected Against Process Doppelgänging - Fileless Attack

This week, researchers presented at Black Hat Europe in London information regarding an extremely dangerous new “fileless” attack vector that affects all Windows operating systems. The researchers observed that the attack bypasses many widely used endpoint security tools. AppGuard customers need NOT make any policy adjustments to mitigate risks from such attacks. AppGuard already blocks them.

Keep Calm And… Here Is A List Of Alarming Cybersecurity Statistics

Keep Calm And… Here Is A List Of Alarming Cybersecurity Statistics

It is clear that companies and individuals are playing games of catch up from a growing array of cyber adversaries. The following links are compiled from recent statistics pulled from a variety of articles and blogs. As we head deeper into 2017 and plan to defend our PCs, smartphones, and networks, it is worth taking note to prepare for the potential cybersecurity implications in our changing digital landscape.

Cyber Alerts - Big Data is a Big Human Problem for the C-Suite

Cyber Alerts - Big Data is a Big Human Problem for the C-Suite

Long said in movies and TV, it's the bullet that you don’t see that kills you. This was true for Target in 2011 where they missed the alerts their tools generated. This has remained so for many others ever since.

Pick an organization with 1000’s of employees. Look at the IT/Sec-Ops people as they really are. You’ll see cyber alerts fatigue that is driving up employee attrition in a landscape where skills gaps are large and recruiting costs are increasing. Worse, the enemies are still storming the enterprise.

Ransomware is the Most Urgent Threat to Healthcare Providers

Ransomware is the Most Urgent Threat to Healthcare Providers

Ransomware is the Clear and Present Danger Now

Probabilities, preparedness, and potential impact mean that Ransomware reigns supreme amongst healthcare provider threats. If you can’t treat patients because you don’t have access to medical equipment, records, billing processes, scheduling, or vital 3rd party services, the impact is immediate, pervasive, urgent, and even life threatening, far worse than HIPAA fines and other typical data breach consequences.

National ID - Best Remedy to Equifax-Like Breaches

National ID - Best Remedy to Equifax-Like Breaches

While most people worry that the Equifax data breach will cause a spike in identity theft and other cyber fraud, maybe we should be more concerned if this does NOT happen.

Articles about Equifax and the breach headlined periodicals not just in the trade rags but also in the mainstream. Such coverage surprises no one given the vast number of records that were compromised. But what of the countless breaches not headlined, not fully disclosed, and not discovered at all?

The Firing of the Equifax CEO, CIO and CISO Affects Most Organizations

The Firing of the Equifax CEO, CIO and CISO Affects Most Organizations

The Equifax breaches and subsequent firing of the CEO, CIO, and CISO are a giant canary in the enterprise world.  Their failures are far from unique. Most organizations struggle with the same issues too. But after a breach has occurred, challenges get reported as failures in the periodicals. Caricatures of what did or didn’t happen follow. Bigger issues are overlooked.