Five-question checklist for improved cyber situational awareness
Recently, Hold Security, a firm in Milwaukee, announced that a Russian crime ring had stolen 1.2 billion user credentials and 500 million e-mail addresses from 420,000 websites. According to an article by the New York Times, if true, the cyber-heist would be the largest in history.
Hold Security did not name the victims of the attack, citing nondisclosure agreements with victim companies.
In the face of attacks like this, it would be nice if Chief Information Security Officers (CISOs) had a crystal ball to keep their networks safe. But that's not really necessary. Attacks like this are as defendable as they are inevitable with the use of emerging tools including threat intelligence and outcome-based cybersecurity.