Re-Energize Existing Software Through Integration

In 2015, organizations spent over $75 billion on cybersecurity. That’s a lot of money. But 2015 also saw a rise in successful cyber attacks, costing companies hundreds of billions of dollars in damages, loss and other related expenditures. Did all of the security software and hardware purchased with that $75B fail to do its job? Today's landscape requires more than just a collection of isolated products handling specific tasks—it needs an integrated ecosystem dedicated to overall resilience.

Read More

What is Digital Resilience?

The 10-second version is this: Digital resilience is a fundamental change in understanding and accepting the true relationship between technology and risk. IT risk (or cyber risk, if you prefer) is actually business risk, and always has been.

Read More

Cybersecurity Incidents Cost Companies Hundreds of Billions in 2015

  According to the recently released 2016 Data Breach Investigations Report (DBIR) digest, produced annually by Verizon to help educate the industry, companies spent hundreds of billions of dollars last year as a result of cybersecurity incidents.

Read More

Remediating The glibc DNS Bug Or: How To Survive An Inherently Flawed Digital Landscape

Buffer overflowing—or the stuffing of more data into a block of memory than allocated—has been one of the more common security vulnerabilities to be exploited in recent years. Last week Google and RedHat security researchers discovered a particularly distressing buffer overflow vulnerability in one of the key underpinnings of the internet: the glibc DNS bug. And while the glibc team has provided a fix for most Linux distros, it's questionable whether the flaw can be eradicated any time soon, especially given the ubiquity of Linux systems and the GNU Project's implementation of the C standard library.

Read More

Casino Data Breaches And Doubling Down On Digital Resilience

In what is being described as a landmark case, Nevada-based casino operator Affinity Gaming is suing cybersecurity firm Trustwave for inadequately investigating and containing a 2014 data breach. The lawsuit not only marks the first time a security firm is sued over post-breach remediation efforts—it also highlights the complexities around managing cyber risk for high risk organizations in today's threat landscape. 

Read More

Bringing Digital Resilience Back to the Digital Economy: ScriptRock Becomes UpGuard

As the saying goes, there are two certainties in life: death and taxes. As we all look ahead to 2016, it’s clear that a third certainty has entered the mix: breaches. 

Read More

Will Software-Defined Security Usher In A New Era Of Digital Resilience?

By now, you've probably heard of software-defined networking (SDN): the emerging IT paradigm that abstracts networking hardware into programmable components for unprecedented data center agility and flexibility. In the same vein, parallel infosec developments currently underway are transforming rigid and complex physical security architectures into highly-adaptable, easily-managed, and ubiquitous mechanisms for IT security. This is software-defined security (SDSec)—a new model of infosec that just might save us from digital armageddon.

Read More

What is Cyber Resilience?

Cyber resilience is a fundamental change in understanding and accepting the true relationship between technology and risk. IT risk (or cyber risk, if you prefer) is actually business risk, and always has been. And the cybersecurity industry, for what it's worth, has generally avoided this concept because it goes against the narrative that their respective offerings—whether it's a firewall, IDS, monitoring tool, or otherwise—would be the one-size-fits-all silver bullet that can keep businesses safe. But reality tells a different story.

Read More