
Cybersecurity in ATM: Incident Response using the Security Stack – Office 365 Logs

As part of our ongoing series on how each part of an organization’s security stack helps the incident response and forensic teams perform their analysis, we now discuss Office 365 logs and the details they capture as teams interact with the services held there.

Read the blog

Cybersecurity in ATM: Taking Apart the Security Stack in Incident Response (Part 2) - Investigations Using Proxy Logs

This article explores incident response investigations using proxy logs to uncover security gaps in email filtering.

Read the blog

Cybersecurity in ATM: Taking Apart the Security Stack in Incident Response (Part 1) - Email investigations

Malicious actors, regardless of motivation, whether financial or hacktivism, tend to look for the path of least resistance. In many data breaches, when forensic teams investigate the root cause, they end up tracing it back to email as the initial vector of the breach, where it all began. The reason this turns out to be the most lucrative vector for all attackers lies in the fundamentals of human psychology.

Read the blog

The Importance of Cyber Threat Intelligence Sharing Across the Aviation Sector

The aviation sector plays a critical role in allowing people to travel domestically and globally. Millions of people rely on the safety, security and resilience of airlines, airports and the systems that support them.

Read the blog

Cybersecurity in ATM - The Importance of CSIRT Visibility within an Organization

When a CSIRT team has limited visibility within a company, there is a restricted understanding of risk. This then has a major impact on trust, confidence, collaboration, and ultimately, budget and resource security.

Read the blog

Cybersecurity in ATM: A Workflow & The Visibility Stack

This article describes how tailoring threat intelligence for information systems requires a dual approach. CSIRTs must prioritize internal data collection while keeping a watchful eye on external sources. The article shows how automation through the right tools augments insights, emphasizing the critical role of tool selection for effective attack mitigation.

Read the blog

Cybersecurity in ATM: The Incident Detection & Response Process - Ongoing Improvement Towards Effective Incident Response

In an organization’s cyber security environment, problems change from week to week. Consequently, a constant drive to learn within the team is of utmost importance, as new and exciting challenges need to be faced each week. Within this ever-evolving environment, it’s critical that a team constantly changes, evolves and learns in order to adopt the practice of continuous improvement (Kaizen) of the company’s security posture.

Read the blog

Cybersecurity: Building a Cyber Security Incident Response Team

For organizations of all sizes, cyber attacks are not a matter of if, but when. Given that an organization is going to experience security incidents, attacks and even breaches, a cyber incident response team and plan is critical. 

Read the blog

Cybersecurity: Profile, Roles & Competencies for the CSIRT Team Leader

As the cyber-threat landscape evolves and data breaches become more common, incident response becomes more critical than ever for any company. A CSIRT (Computer Security Incident Response Team) is a body of people assigned the responsibility of responding to and minimizing the impact of any incidents that affect the organization. This team requires a strong and versatile leader.

Read the blog