Cosive Blog

How to Keep Executives Safe from Malicious Actors with an “Executive Protection Program”

Keeping executives safe can be one of the biggest challenges for CISOs. Without a deep knowledge of security risks, executives may see efforts to keep them safe as onerous rules and restrictions that reduce their efficiency. These rules are often seen as pushing the balance too far in favour of security at the expense of usability and convenience. This can ultimately result in non-compliance which puts the executive, and the organisation, at risk.

Read More
Terry MacDonald
Running Your SOC Playbooks as Code: Use Cases, a.k.a. Don’t Start With Phishing

The first thing that everyone wants to do when they get their brand new SOAR out of the shrinkwrap is solve phishing. I hate to be the one to break it to you, but if we were going to solve phishing, there wouldn’t be six or so anti-phishing vendors out there right now. (Technically malware was the first computer security problem that we struck, with the Morris worm, but in terms of things that face regular users, phishing is the first problem. Paul Graham first started applying bayesian analytics and machine learning to this stuff in the 90s, or something crazy, and we still haven’t solved it yet.)

Read More
Tash Postolovski
Running Your SOC Playbooks as Code: Getting Started

You know when you run into someone you haven’t seen in for a while, and you’re like: “How’s that car you’re rebuilding?” And then for the next two hours they excitedly tell you about it? That’s pretty much what I’m like with SOAR at the moment (Security Orchestration, Automation, and Response). I’ve been living and breathing SOAR for the last two or three months. It’s a really interesting area, and probably the only thing in security that I think everyone should do. Every company that has at least one security person: if you’re not looking at automation and orchestration, you’re probably letting yourselves down.

Read More
Kayne Naughton