Services

Access a world-class intelligence capability tailored to your specific needs. Control a multi-million dollar program without the time or expense and solve problems both lasting and acute.

Services Overview

Insider Threat Webinar

Getting Inside Insider Threats: Response and Mitigation. Stopping malicious or simply incompetent insiders from doing damage isn't just an exercise in analyzing where the damage came from. Insider Threats aren’t just malicious employees. They can run the gamut from incompetent to accidental to theft.

Blog

2 min read

Managed Intelligence: Four Factors for Building Adversarial Context

By Landon Winkelvoss on May 26, 2020 8:48:50 AM

With limited time and resources for a SOC to prioritize threats for additional research, Mars CISO Andrew Stanley gives several important factors when considering adversarial context with regard to the “who, how, and why” of attribution.

Continue Reading
3 min read

Managed Intelligence: Four Outcomes from Operationalizing Intelligence for Third-Party Risk Management

By Landon Winkelvoss on May 20, 2020 4:42:07 PM

Actionable intelligence is critical for third party risk management as it’s easy to chase false positives that waste resources. While automation enables timely response, deeper analysis is needed to make information from automated sources actionable. Zero touch diligence provides intuitive and actionable intelligence that matters for businesses assessing third-party risk by fusing robust analytic methodology with a suite of tools to collect, store, enrich, and integrate data from a wide variety of sources. Below are the four outcomes that result from thorough zero touch diligence efforts:

Continue Reading
2 min read

Three Areas of Focus For Your Insider Threat Program During the COVID-19 Crisis

By Mike Davis on May 18, 2020 11:57:00 AM

Security teams are settling in to the “new normal” of remote work as the COVID-19 crisis nears its third month here in the U.S. As many teams have discovered, among the myriad of logistical issues of a remote workforce is the increased risk insiders can cause cybersecurity incidents, even if mostly unintentionally. For many companies, the combination of required changes to network access policies and the human element of uncertainty around layoffs, furloughs, and salary reductions has created a need to quickly re-think the priority placed on insiders.  

Continue Reading
7 min read

Know Your Adversary: Russian APTs

By Vincas Čižiūnas on May 14, 2020 5:28:15 PM

In the previous two articles in this series, we examined the Iranian and Nigerian Advanced Persistent Threats (APTs) under a sociohistorical lens in order to better understand the various drivers that instigate their threat activity.  Today, we examine Russia under the same optic, to see if we can gain more insight than the traditional Technique, Tactic, and Procedure (TTP) game of whack-a-mole generally provides.

Continue Reading
2 min read

Four Priorities for Aligning Your Insider Threat Program

By Sean Weppner on May 6, 2020 1:30:50 PM

Organizations based in the United States continue to deal with considerable intellectual property theft and largely do not address the issue until there is a problem. The ability to effectively monitor for negligent or malicious insider threat activity is largely dependent on four main factors:

Continue Reading
4 min read

Know Your Adversary: The Criminal Underworld in Nigeria

By Vincas Čižiūnas & Jonathan Neuhaus on May 5, 2020 10:52:03 AM

Having examined the underpinnings of Iranian culture and the nexus with its corresponding Advanced Persistent Threat (APT), we turn our eyes towards Africa.  Often overlooked as an APT, elements of postcolonial realities in Nigeria have contributed to an advanced criminal underworld.  

Continue Reading
2 min read

Cybersecurity Diligence is Financial Diligence

By Mike Davis on Apr 7, 2020 9:11:54 PM

Healthy deal flow that enables investment at a price point in line with an exit strategy is the foundation of the private equity business model. It is a given investors will conduct detailed diligence around a target’s financials, market, structure, and many other factors to help confirm their thesis around an acceptable entry price point. Of course a deal should not move forward if the investor’s plans will not make the difference to achieve an outcome, and these diligence steps are designed to maximize understanding, and thus de-risk the investment.

Continue Reading
2 min read

Cybersecurity Diligence Doesn’t Need to be a Heavy Lift

By Mike Davis on Apr 2, 2020 9:23:58 AM

Corporations large and small have always used acquisitions as a staple of their strategies to enter new markets, gain a competitive edge, and grow faster than they could organically. Similarly, private equity and venture capital firms have a prominent role in our modern economy and operate specifically to find value in acquisitions or investments. While financial and market diligence has always been a fundamental element of the acquisition process, many acquirers continue to place limited scrutiny on the cybersecurity risks and opportunities arising from an acquisition target.

Continue Reading
3 min read

Know Your Adversary: Iran

By Jonathan Neuhaus & Vincas Čižiūnas on Mar 25, 2020 11:56:49 AM

While researching advanced persistent threats (APTs), the common analytic angle has always been to identify malware and infrastructure techniques, tactics, and procedures (TTPs), and to develop detections. While this is effective for big player APTs such as Russia and China, it results in a game of whack-a-mole as blocking known TTPs necessitates identifying new ones.  Without gaining an understanding of the human factors involved, it becomes like an endless game of cat and mouse.

Continue Reading
2 min read

M&A should stand for “Mitigate, Not Avoid"

By Sean Weppner on Mar 20, 2020 8:09:36 AM

We’ve all read the horror stories over the past several years - the revelation of prior data breach in a target organization led to a massive decrease in the sale price, the unknown/unmitigated compromise led to a subsequent breach in the acquiring organization and massive PR fallout. It rings true to all of us in the business of cybersecurity, because the story really could be any of us. Moreover, from what I’ve seen, there are two truths to most large organizations:

  1. Bigger = More assets = larger risk surface area
  2. Growth is often achieved (and sustained) through inorganic growth
Continue Reading

Featured