November 19, 2024
November 19, 2024
July 10, 2024
March 30, 2022
To set the standard for a more trustworthy and secure connected world.
To help consumers and businesses feel safe and protected, while educating and enlightening them on potential threats and precautions.
If we have learned anything in the past decade, it’s that organizations will be breached, and private data will be stolen. How leaders respond to these moments can make or break the trust that they have worked so hard to create among their customers, partners and peers.
Executives today must operate under the assumption that they will experience a cyber incident that will require them to notify their customers, investors and regulators. The immediate emotional response may be to wait until all the details are available and carefully messaged, but it is negligent to withhold information that could help people keep their data and finances safe. The best way to ensure executives and their communications teams respond to breaches quickly is to have a well-oiled incident response comms plan in place.
It’s our role to help our clients prepare for these moments, no matter how uncomfortable the lead-up may be. We recommend being open in the aftermath of a breach to rebuild trust in the brand. Being honest and authentic, and providing clear and frequent updates will earn trust from customers who want transparency.
<split-lines>"The best way to ensure executives and their communications teams respond to breaches quickly is to have a well-oiled incident response comms plan in place."<split-lines>
As organizations grow more sophisticated and connected, the attack surface is expanding. Rapid technical advancements have opened up an increasing number of attack opportunities within critical infrastructure, including oil pipelines, energy grids, food supply chains, transportation networks, hospitals and voting systems. Many of these cyber-physical attacks are carried out by state-sponsored groups, predominantly hacker groups out of Russia, China, North Korea and Iran. We expect to see nation-state groups double down in 2022, deploying cyber warfare tactics to intimidate and cause disruptions.
Our clients are addressing threats posed to operational technology (OT) environments that power critical infrastructure and cyber-physical systems including utility plants, trains, and manufacturing plants, and have experts who can help shed light on these growing threats. Shift5 secures transportation and weapons systems from cyberattack, providing complete visibility into their OT networks, while Tenable helps organizations identify and prioritize threats and vulnerabilities to maximize the safety and reliability of their OT environments.
The common theme that cuts across all of our Trust portfolio storylines is the perpetual race to be faster than the adversaries. Our clients Red Canary and Stairwell are each on a mission to help their customers detect threats to their systems and remediate attacks as quickly as possible with their sophisticated technologies and deep threat intelligence expertise.
Software supply chain attacks, such as those against SolarWinds and Kaseya, allow threat actors to increase the scale and pace of their attacks by accessing multiple victims through a single initial compromise. This is why DevSecOps is a sector that’s gaining momentum, and many security companies, including our client Sonatype, are automating software supply chain security to accelerate developer innovation and the ability to build secure applications from the get-go.
The shift to remote work and rapid cloud adoption has also created more opportunities for attackers. We’ll continue to see cyberattacks using phishing, compromising machines via open Remote Desktop Protocol (RDP) ports and exploiting vulnerabilities to take advantage of all the new distributed work environments. The machine learning and behavioral intelligence of our client Tessian prevent advanced email threats and data loss incidents on email.
<split-lines>"The common theme that cuts across all of our Trust portfolio storylines is the perpetual race to be faster than the adversaries."<split-lines>
For one of our security clients, more than half of all of its Tier-1 coverage in 2021 was driven by rapid response to breaking news cycles. Moments like the Log4j vulnerability, attacks on the Colonial Pipeline, JBS and Okta are constant reminders that there is much work to be done to improve cybersecurity, but our clients have unmatched perspectives to help the industry continually make progress. Our clients’ research and expertise are critical to helping us make sense of news cycles often shrouded in confusion and lacking in details.
Our deep-rooted subject matter expertise and relationships allow our team to balance speed against strategic communications during critical moments, helping both our clients and reporters get to the crux of issues and what lies ahead. We run a tight and collaborative process that intertwines analysis of the current story and where it is going next with close reporter engagement. We work hand in hand with threat researchers, CISOs and founders to translate what they’re seeing for mainstream media consumption and we work swiftly to lend their expert perspectives to reporters rushing to publish accurate reports of rapidly evolving news cycles.
The cybersecurity space is heavy on breaking news and is constantly changing. It takes true partnership with our clients to stay on top of it all and help them break into the news cycles with unique and insightful commentary. We are cyber newshounds and passionate about keeping up with the reporters who are on top of the cybersecurity beat, following the latest trends in defense and offense, and working with clients who are helping organizations protect themselves from all the diverse and dynamic cyber threats they face today.
November 12, 2024
November 12, 2024
November 11, 2024
November 11, 2024
October 24, 2024
October 24, 2024