From the Winter 2024 Issue

Avoiding Phantom Risk – Chasing Exploitability, Not Vulnerability

Author(s):

Alex Haynes, CISO, IBS Software

The gravest warning a pen test report could contain is the words “The host may be vulnerable to remote code execution”. It is hard to know what that immediately means. Did they get system access on a host? Nope. Was there a public exploit available for that version of software that enabled remote code execution? …

From the Fall 2023 Issue

The Myth of Cyberwarfare – The Ukraine Example

Author(s):

Alex Haynes, CISO, IBS Software

Over a decade ago, the front page of The Economist had a nuclear mushroom cloud with the caption ‘Cyberwar: the threat from the internet’. A dramatic way to encapsulate the vision of how we perceived the impact of such a threat. Since then, the term ‘cyberwar’ has been bandied around a lot without any real …

From the Summer 2023 Issue

Making Sense of CNAPP

Author(s):

Alex Haynes, CISO, IBS Software

Cloud Native Application Protection Platforms (CNAPP) are a new category of security tools designed to protect cloud-native applications. CNAPPs combine the functionality of Cloud Security Posture Management (CSPM), Cloud Workload Protection Platform (CWPP), and Cloud Infrastructure Entitlement Management (CIEM). More recently they’ve integrated SAST (Static Application Security Testing) for workloads …

Other People’s Data Breaches: They Can Help You Too

Author(s):

Alex Haynes, CISO, IBS Software

Over the past few years, numerous well-known brands and major corporations have been targeted by cyber-attacks resulting in the exposure of millions of customers’ personal and sensitive information, making data breaches an increasingly common occurrence. Although the immediate effects of these breaches can be severe for both affected individuals and companies, there is potential for …

From the Winter 2023 Issue

Teaching Kids How to Hack

Author(s):

Alex Haynes, CISO, IBS Software

Many industry professionals bemoan the lack of qualified candidates within information security, and resource scarcity is a common issue for many companies. According to the latest estimates, and depending on which numbers you follow, there is a potential shortfall of up to one million cybersecurity professionals globally, and this is just getting worse. Granted, geo-political issues like …

From the Fall 2022 Issue

Zero Trust is Not a Product

Author(s):

Alex Haynes, CISO, IBS Software

Every year, at the bevy of conferences that dot the Information Security landscape, you can always detect an inherent theme. This may be influenced by acute threats (e.g., ransomware), a new regulatory environment (e.g., GDPR) or even just a sudden change in how we work, as we all experienced during the pandemic. The issue Zero …

From the Summer 2022 Issue

Ukraine is Winning the Cyberwar Against Russia

Author(s):

Alex Haynes, CISO, IBS Software

During the build-up to the illegal invasion of Ukraine in February of 2022, there was consternation among information security professionals about what would happen on the cyber front. The prevailing groupthink at the time was that if countries in the West imposed sanctions, then they would suddenly be subjected to blistering Russian cyber-attacks that would …

From the Spring 2022 Issue

Getting Offensive With Your Third Parties

Author(s):

Alex Haynes, CISO, IBS Software

Third-party onboarding today isn’t easy, and with the rise in supply chain attacks, auditing your third parties and ensuring they won’t impact your infrastructure from a security perspective remains a burning issue. Many companies still maintain a tick-box approach when onboarding or managing third parties, which mainly consists of sending out questionnaires …