Security Corner

LookingGlass has been monitoring the financial sector for a decade. Given the increasing geopolitical tensions and growing threat of cyberattacks on U.S. critical infrastructure, we produced a cyber profile for the sector. This profile highlights the most prevalent vulnerabilities and security exposures across the U.S. and which ones have been used by Russian actors in the past.

The energy sector is especially vulnerable to cyberattacks. Hackers associated with Russian internet addresses have been scanning the networks of five U.S. energy companies in a possible prelude to hacking attempts, the FBI said in a March 18 advisory to U.S. businesses. The FBI’s notice was days before The White House publicly warned that Kremlin-linked hackers could target U.S. critical infrastructure as the Russian military continues to suffer heavy losses.

Security and risk management leaders have more information at their disposal than ever before. However, the sheer amount of data is not helping to solve problems. They are struggling to know what threats they really need to be concerned about. It’s an issue that can’t be ignored. In 2021, corporate cyber-attacks rose by 50 percent, and government and military sector attacks rose by 47 percent.

Once deemed a luxury or rarely used by businesses while crafting their security operations, “TI products and services deliver knowledge, information, and data about cybersecurity threats and other cybersecurity-related issues,” making them essential to thoroughly protect your business.

LookingGlass Cyber Solutions Chief Product Officer Cody Pierce recently spoke with CyberScoop about the practices that help security teams gain visibility into their assets to better understand and reduce exposure to attacks and, in turn, narrow security gaps.

With innovations lowering the barrier to adoption of new technologies like cloud computing and software-as-a-service, most business units can acquire new software and services without having to go through IT. This has led to a dramatic increase in “shadow IT” – a serious problem that organizations must manage before it’s too late.

An organization implementing a zero-trust cybersecurity architecture means that no individual, asset, or software is trusted. Instead, every system and person must be authenticated, authorized, and continuously validated as having the right to be accessing what they are using.

Tradeoffs—we all have to make them. In today’s always-on, ever-evolving digital world, some of the most important decisions organizations and consumers must make are the tradeoffs between security and convenience. These choices come under even more scrutiny when they involve government entities making risk judgements that could impact American lives, the economy, and other organizations […]

If anything, the ransomware attack on Kronos drives home the fact that cybersecurity impacts everyone. One critical takeaway from the event is that companies and public sector organizations need to take a holistic approach to cybersecurity. Monitoring only what is occurring within an organization’s own network is no longer enough to prevent an attack. HR […]