UpGuard
Security Ratings Explained
This post was originally published here . The Problem of Digitization The digitization of business has increased the speed of commerce, the scope of customers, the understanding of consumer habits, and the efficiency of operations across the board. It has also increased the risk surface of business, creating new dangers and obstacles for the business […]
Infrastructure Indexing: or, Why Server Headers Matter More than Ever
This post was originally published here . When we think about cyber attacks, we usually think about the malicious actors behind the attacks, the people who profit or gain from exploiting digital vulnerabilities and trafficking sensitive data. In doing so, we can make the mistake of ascribing the same humanity to their methods, thinking of […]
UpGuard CyberRisk and Fair and Accurate Security Ratings Principles
This post was originally published here . In June of 2017 the U.S. Chamber of Commerce posted the “Principles for Fair and Accurate Security Ratings,” a document supported by a number of organizations interested in the emerging market for measuring cyber risk. The principles provide a starting point for understanding the current state of security ratings and for establishing […]
Cyber Resilience: What It Is and Why You Need It
This post was originally published here . The way businesses handle the risks posed by their technology is changing. As with anything, adaptability is survivability. When the techniques, methods, and philosophies of the past aren’t working, the time has come to find something better to replace them. Cyber resilience is a set of practices and perspectives that […]
How to Build a Sustainable Digital Business in the Cloud
This post was originally published here by UpGuard. Technology and Information How much digital technology is required for your business to operate? Unless this document has traveled back in time, the chances are quite a lot. Now consider how much digital technology your vendors require to operate. The scope of technology grows quickly when you […]
How Can Cloud Leaks Be Prevented?
This post was originally published here by UpGuard. When we examined the differences between breaches, attacks, hacks, and leaks, it wasn’t just an academic exercise. The way we think about this phenomenon affects the way we react to it. Put plainly: cloud leaks are an operational problem, not a security problem. Cloud leaks are not […]
Procedures: Runbook Automation that Works
This post was originally published here by Greg Pollock. One of the challenges of building and running information technology systems is solving novel problems. That’s where frameworks like scrum and agile come in– getting from the unknown to the known with a minimum of frustration and waste. Another challenge is performing known tasks correctly every […]
Check your Amazon S3 permissions. Someone will.
This post was originally published here by UpGuard. Nearly all large enterprises use the cloud to host servers, services, or data. Cloud hosted storage, like Amazon’s S3, provides operational advantages over traditional computing that allow resources to be automatically distributed across robust and geographically varied servers. However, the cloud is part of the internet, and […]
Assessing Critical Cyber Risks with UpGuard
This post was originally published here by Greg Pollock. Given the complexity of modern information technology, assessing cyber risk can quickly become overwhelming. One of the most pragmatic guides comes from the Center for Internet Security (CIS). While CIS provides a comprehensive list of twenty controls, they also provide guidance on the critical steps that “eliminate […]
5 Biggest Takeaways From WannaCry Ransomware
This post was originally published here. Global in scale, with across the board press coverage, the WannaCry ransomware attack has quickly gained a reputation as one of the worst cyber incidents in recent memory. Despite the scale, this attack relied on the same tried and true methods as other successful malware: find exposed ports on the Internet, […]
