Filter By:

Recent Blogs & Podcasts

Insights

 



June 14, 2017 | Malware and Advanced Threats
By Chris Gonsalves, IANS Director of Technology Research

 Jon Condra on Dark Web Threats and Nation-State Attackers

It's a dangerous world out there, and guys like Jon Condra are here to help us make sense of it. The Director of East Asian Research and Analysis at risk and threat intelligence firm Flashpoint, Jon joins me this week to talk about the recent Flashpoint Business Risk Intelligence Decision Report he authored and share his insights on emerging threats from Russia, China, North Korea and a host of other international bad actors.

Read More »


June 14, 2017 | IT Forensics
By Bill Dean, IANS Faculty

 Use the Right Process – and Tools – to Investigate Potentially Compromised Machines

Getting a secure process in place to remotely investigate potentially compromised devices - one that can't be used as a pivot point for further attack - is tricky. In this Ask-an-Expert written response, IANS Faculty Bill Dean validates a client's current process but also recommends installing a temporary forensics agent to improve the analysis.

Read More »


June 13, 2017 | Malware and Advanced Threats
By Mike Saurbaugh, IANS Faculty

 Tips for Evaluating Malware Analysis Tools

Free or commercial? On-premises or cloud? API or no? Options abound when it comes to choosing the right malware analysis tool. In this Ask-an-Expert written response, IANS Faculty Mike Saurbaugh steps you through the decision process and provides an overview of the top solutions on the market.

Read More »


June 12, 2017 | Malware and Advanced Threats
By Ken Van Wyk, IANS Faculty

 Van Wyk: Responding to Ransomware

Last month, I wrote that targeted attacks require much deeper analysis than those that are not targeted. While that still rings true, battling non-targeted threats like ransomware is becoming an increasing problem for organizations. 

Read More »


June 9, 2017 | Penetration Testing and Red Teaming
By Jason Gillam, IANS Faculty

 Add Phishing to Your Red Team’s Playbook

While phishing can be a good way to gain an initial foothold in a target network, some red team phishing attempts are more successful than others. In this Ask-an-Expert written response, IANS Faculty Jason Gillam explains how to get the most from some common phishing tools and offers tips for crafting successful phishing attacks.

Read More »


June 9, 2017 | Recruiting, Hiring and Retention
By Mike Saurbaugh, IANS Faculty

 Build, Manage and Retain a Strong Security Staff

In a hiring environment where skilled infosec professionals are hard to come by, organizations need to do everything they can to differentiate themselves from the competition. In this report, IANS Faculty Mike Saurbaugh offers proven strategies for maintaining a strong security staff and reveals the results of his survey on students' expectations upon entering the information security workforce. 

Read More »


June 8, 2017 | Enterprise and IT Compliance Management
By Michael Pinch, IANS Faculty

 5 Tips for Migrating to a New Security Framework

Changing an organization's security program alignment is never an easy task. In this Ask-an-Expert written response, IANS Faculty Mike Pinch offers five key steps to take when migrating to a new security program, with specific guidance for switching to the NIST Cybersecurity Framework. 

Read More »