Building on our series exploring the adversarial mindset, disinformation actors seek amplification of their content, regardless of whether…
How Adversaries Conduct Reconnaissance for Disinformation Operations
read more
Blog
An Introduction to Honeypots
In our latest blog series, we discuss how threat intelligence can be applied smarter for medium sized organizations with limited resources…
Using Selectors For Open Source Intelligence
BlogUsing Selectors For Open Source Intelligence A “selector” is not a generally defined term in enterprise security, but selectors are important for understanding open source intelligence and investigations in the digital realm. Building on our previous technical...
Making Threat Intelligence Useful for Medium-Sized Enterprises
BlogMaking Threat Intelligence Useful for Medium-Sized Enterprises Medium-sized enterprises that don’t have sophisticated security operations teams typically focus on the basic blocking and tackling of information security: policies around financial controls, incident...
How Adversaries Conduct Reconnaissance For Computer Network Operations
BlogHow Adversaries Conduct Reconnaissance For Computer Network Operations The adversarial mindset is the core that allows us to provide a world-class intelligence capability tailored to the needs of business. Many people ask what it means to have the adversarial...
Six Considerations for Building a Cyber Threat Intelligence Program
BlogSix Considerations for Building a Cyber Threat Intelligence Program When evaluating cyber threat intelligence programs for enterprise, organizations should consider six critical topics before spending on data. It’s natural for an organization to start from one of...
The Myth of Complex Passwords
BlogThe Myth of Complex Passwords Password reuse is one of the most pervasive security concerns for information security teams in enterprise. It’s an easy way for an adversary to gain initial access if two factor authentication is not properly implemented and more...
Three Steps to Use Threat Intelligence, Red Team, and Blue Team Collaboration to Improve Security
BlogThree Steps to Use Threat Intelligence, Red Team, and Blue Team Collaboration to Improve Security For many medium and large organizations, a penetration test that results in a “data breach” is going to lead to numerous findings that take months and sometimes years...
Avoiding Ransomware
BlogAvoiding Ransomware Many maturing security operations centers within medium and large enterprises will indicate that ransomware is often the biggest “threat” that keeps them up at night. Ransomware is not a threat; it is a capability criminals use with an intent...
Podcast Platitudes
BlogPodcast Platitudes Cybersecurity is an ever-evolving industry tackling some really challenging problems. Here at Nisos we truly feel that it is necessary to learn from the best at every opportunity, and we try to ensure that all of the material we present makes...
What Is Digital Identity Reduction and Why Does It Matter?
BlogWhat Is Digital Identity Reduction and Why Does It Matter? The amount of information openly available on the internet about any given individual is staggering.More and more, privacy and online security are brought into the limelight and people are becoming more...
Four Future Trends of Disinformation Campaigns
BlogFour Future Trends of Disinformation Campaigns While disinformation has played a powerful role in the geopolitical world over the last four years, enterprise is increasingly needing to be prepared to address numerous types of disinformation as well. Much of the...
Three Ways to Improve Return on Investment for Threat Intelligence
BlogThree Ways to Improve Return on Investment for Threat Intelligence If a corporate threat intelligence program is merely focusing on indicators of compromise delivered to a security operations function, they should consider expanding their reach throughout the...
Hacker Diplomacy: How to Minimize Business Risks Stemming from Vulnerability Disclosures
BlogHacker Diplomacy: How to Minimize Business Risks Stemming from Vulnerability Disclosures In the new Work-From-Home world where non-essential companies have pivoted into a remote workforce model with increasing reliance on business tools that ensure connectivity,...
How to Use Breach Credentials to Support Intelligence Collection and Attribution
BlogHow to Use Breach Credentials to Support Intelligence Collection and Attribution While some organizations may view third party breach usernames and passwords as important indicators to prevent unauthorized access to their own networks, larger organizations are...
Steps for Medium Sized Businesses to Address Cyber Supply Chain Risk
BlogSteps for Medium Sized Businesses to Address Cyber Supply Chain Risk Any business operating on the internet with internet accessible services provides an opening for anyone else on the internet - good, bad, or indifferent - to interrogate those services and see...
Five Critical Data Source Considerations for Adversary Attribution
BlogFive Critical Data Source Considerations for Adversary Attribution Strong intelligence is the base of adversary attribution; nothing can replace the holistic picture created by technical indicators in combination with HUMINT and OSINT sources. While many cyber...
Translating Cyber Threat Intelligence for the Rest of the Business
BlogTranslating Cyber Threat Intelligence for the Rest of the Business For enterprise businesses, especially in the technology, finance, and manufacturing sectors, the use cases and company consumers of intelligence work can be almost limitless. Therefore, it’s...
Five Critical Data Source Considerations for External Threat Hunting
BlogFive Critical Data Source Considerations for External Threat Hunting Strong intelligence starts with good sources and when it comes to gaining the most context around suspicious events or adversaries of interest, nothing beats external hunting.Most current threat...
Three Types of Disinformation Campaigns that Target Corporations
BlogThree Types of Disinformation Campaigns that Target Corporations In 2018, The Washington Post named “misinformation” its “word of the year.” In 2019, NPR labelled “disinformation” the same. Then 2020 happened. Many of the disinformation actors taking advantage of...
Using Threat Intelligence to Counter Platform Abuse
BlogUsing Threat Intelligence to Counter Platform Abuse Companies whose products serve as collaboration platforms play a key role in our increasingly cloud native and remote work environment. The technology allows companies to achieve clear business opportunities, but...
Threat Intelligence Use Cases for Trust and Safety
BlogThreat Intelligence Use Cases for Trust and Safety Varied threats like disinformation, platform abuse, brand dilution, strategic breach campaigns, extortion, insider threats and nation states stealing intellectual property are more prevalent than ever. More and...
Considerations for Measuring the Return on Investment of Cyber Threat Intelligence
BlogConsiderations for Measuring the Return on Investment of Cyber Threat Intelligence Security operations centers across the world are consumed with how to measure the return on investment of threat intelligence. There are different schools of thought, but we favor a...
The Rise of Synthetic Audio Deepfakes
BlogThe Rise of Synthetic Audio Deepfakes Can Audio Deepfakes Really Fake a Human? Audio deepfakes are the new frontier for business compromise schemes and are becoming more common pathways for criminals to deceptively gain access to corporate funds. Nisos recently...
Establishing a System to Collect, Enrich, and Analyze Data to Generate Actionable Intelligence
BlogEstablishing a System to Collect, Enrich, and Analyze Data to Generate Actionable Intelligence In the era of data-driven decision making, the value of threat intelligence and interest in establishing or expanding threat intelligence programs is growing rapidly....
Advancing OSINT to Turn Data into Intelligence
BlogAdvancing OSINT to Turn Data into Intelligence While cyber threat analysts are critical to determine what cyber threats are relevant to their respective organizations so they can take the appropriate action, open source intelligence (OSINT) and investigations can...
Three Considerations for Measuring Return on Investment from Threat Hunting
BlogThree Considerations for Measuring Return on Investment from Threat Hunting Threat hunting often has ill-defined metrics for organizations attempting to measure “return on investment.” If an analyst isn’t finding bad actors in the environment, leadership may...
An Inside Look at Advanced Attacker TTPs and the Danger of Relying on Industry-based Threat Intelligence
BlogAn Inside Look at Advanced Attacker TTPs and the Danger of Relying on Industry-based Threat Intelligence Many organizations use threat intelligence from industry peers to prioritize vulnerability management and assign criticality when there is not enough existing...
Two Considerations for Building a Security Program Grounded in Diversity and Inclusion
BlogTwo Considerations for Building a Security Program Grounded in Diversity and Inclusion Corporate security programs for major organizations deal with a variety of threats at a staggering global scale and there are playbooks to deal with many of these issues. Above...
Three Considerations for Getting Early Wins from an Insider Threat Program
BlogThree Considerations for Getting Early Wins from an Insider Threat Program Building an insider threat program can be a cultural shift for an organization that values transparency and openness with its workforce. Below are some considerations for demonstrating...
Unexpected Benefits of Third Party Risk Management
BlogUnexpected Benefits of Third Party Risk Management One of the most interesting engagements we’ve seen at Nisos, and there have been many, is straight out of a binge-worthy Netflix drama. A publicly-traded company enters a new business partnership with a seemingly...
Cyber Threat Intelligence: The Firehose of Noise and How We Got Here
BlogCyber Threat Intelligence: The Firehose of Noise and How We Got Here Threat intelligence feeds have become popular, and a company's ability to track threats outside of its own environment is better than ever. With these improvements though, has come an increasing...
Considerations for Securing Container Environments
BlogConsiderations for Security Controls in Containerized and Virtual Environments Containers are popular because they are a cost-effective way to build, package, and promote an application or service, and all its dependencies, throughout its entire lifecycle and...
Stay up to the minute
Subscribe to our blog to get notified of updates in your inbox.