Don’t blow it — 5 ways to make the most of the chance to revamp your security posture
If you’ve got a blank canvas with the opportunity to build a security program from scratch, here’s how to get started and make the most of your new program
NIST’s new framework: Riding the wave of re-imagining privacy
The NIST Privacy Framework will revolutionize how we think about privacy. Here’s how your org might use it.
Four habits of highly effective security teams
Practice these habits consistently and you’ll have an engaged, talented and all-around awesome security team.
How to get your security tool chest in order when you’re growing like crazy
Need to expand your security tool chest? Our CISO’s got some tips to consider when thinking about what tech to keep or buy.
Four common infosec legal risks and how to mitigate them
There are four missteps we see happen often that open fast-growing companies up to unnecessary legal risks -- here’s how to course correct.
Dear fellow CEO: do these seven things to improve your org’s security posture
Need to get the security train back on the tracks? Our CEO’s got some pro tips on improving your org’s security ASAP.
Does your MSSP or MDR provider know how to manage your signals?
How well is your MSSP or MDR going to manage your fleet of security signals over time? Here’s how to figure out whether they’re up for the challenge.
How to build a useful (and entertaining) threat emulation exercise for AWS
Want to test your analysts’ detection skills in the cloud? Here are our tips and tricks for building your own threat emulation exercise in AWS.
12 ways to tell if your managed security provider won’t suck next year
How can you figure out if the quality of the service you’re about to sign up for will improve over time? Our COO Yanek Korff’s got some tips for making sure you choose a service that’ll last.
How public-private partnerships can support election security
Election security measures (or lack thereof) are making headlines. How can private sector orgs contribute to public sector security? Our CISO Bruce Potter’s got some ideas.
12 revealing questions to ask when evaluating an MSSP or MDR vendor
We’ve heard lots of interesting Qs as prospective customers evaluate which solution's right for them... here are the 12 you should be asking.
Seven ways to spot a business email compromise in Office 365
As attackers behind BEC attacks find ever more clever tactics to use, it’s getting trickier for businesses to protect themselves. But here are some telltale signs you can look for that are tip-offs that something’s amiss.
Reaching (all the way to) your NIST 800-171 compliance goals
Close common compliance gaps, without building a SOC, for NIST 800-171 security requirements. And a bit about how we can help.
How to get the most out of your upcoming SOC tour: making your provider uncomfortable
Seven smart ways to prepare for a tour of a security operations center (SOC) and five clues to watch out for during your visit.
How to disrupt attackers and enable defenders using resilience
So… what is resilience? We’ll cover that and also how it works in this post. We’ve even thrown in a couple examples to get you started.
Managed detection and response (MDR): symptom or solution?
An uncommonly clear review of what managed detection and response (MDR) is, where it came from and what it can/can't do for you.
Warning signs that your MSSP isn’t the right fit
Look out for these five indicators that it's probably time to start considering alternatives to your managed security services provider. Plus, questions to ask to avoid these traps.