7 Steps to Building a Cybersecurity Strategy from Scratch
When your organization is young and growing, you may find yourself overwhelmed with a never-ending to-do list. It can be easy to...
When your organization is young and growing, you may find yourself overwhelmed with a never-ending to-do list. It can be easy to...
Third Annual List Honors Leading MSSPs, MDR Service Providers & Cybersecurity Companies Salt Lake City, UT., Sept. 24, 2019 — MSSP Alert, published by After...
One concern that often arises when a company is considering hiring a Managed Security Service Provider (MSSP) and outsourcing their security functions is the risk of...
Many leaders in security feel some degree of uncertainty when they see the price tag that accompanies Managed Security Service Providers (MSSPs). While the hesitation is...
If you’ve decided to outsource your security to a managed security services provider (MSSP), you may now be on a mission to find the right one. The bad news is that not...
It’s no longer a question of if you need a robust security plan, it’s now a matter of how you will achieve this. For small businesses and enterprises alike, there is a...
GRA Quantum builds a modern, technology-agnostic Security Operations Center to provide comprehensive, tailored Managed Security Services. SALT LAKE CITY, December 5, 2018...
In today’s day in age, most organizations understand that they are at risk to cyber-attacks and are scrambling to get a firm handle on their cybersecurity programs. Many,...
Our team at GRA Quantum is excited to welcome our newest member, Jen Greulich, as the Director of Managed Security Services. Jen brings a passion for keeping...
Today most businesses find themselves in the position of requiring a strategic partnership with a third-party to address many different business needs and requirements....
It takes only minutes from the first action of an attack with 5 or less steps for an asset to be compromised, according to the 2019 Verizon Data Breach Investigations...
When your organization is young and growing, you may find yourself overwhelmed with a never-ending to-do list. It can be easy to overlook security when you’re hiring new...
Just like kitchen drawers and closets, computers accumulate clutter over time. And when you have an entire organization’s worth of people to watch and exponential amounts...
By 2020, it’s predicted that 83% of company workload will be stored in the cloud (Forbes). This rise in usage and popularity comes at no surprise with how...
43% of breaches in 2018 involved small businesses. Hackers know you’re vulnerable and they’re acting on it. We’re big fans of the DBIR over here, not just because we’re...
When deciding how to go about protecting your company’s sensitive data, there are plenty of different solutions to choose from, such as endpoint controls, file system...
Managing a security program in today’s ever-changing cyber threat landscape is no small feat. Many administrators struggle with knowing where to even start. Cybersecurity...
The Internet of Things (IoT) is creating a need to progress cellular capabilities to provide necessary support to currently 14 billion IoT devices connected globally and...
Big data is the new toy in town—a technological commodity that is driving development, but is also a major point of contention between companies, users, and governing...
While most large enterprises have recognized the value in taking a proactive approach to security, many smaller organizations may not yet realize that they’re also...
The popularity of Internet of Things (IoT) devices is steadily on the rise. In fact, IoT Analytics projects that there will be 22 billion active IoT devices by the year...
The past year has shown that no organization is immune from cyber-attack, with major brands like Facebook, Under Armour, and Ticketfly among those breached. Heading into...
Looking at computer security breaches that have occurred over the years, there are a couple of details that stand out. First, that a lot of breaches occur because of...
The United States of America is becoming increasingly more vulnerable to threats from cyberwarfare. In early October, it was revealed that almost all of our Department of...
Employees continue to be one of the top concerns for security professionals. However, it’s not always the malicious insider that is the cause for distress, but instead...
Financial stress can be a cause for anxiety across all business departments, but if you’re in charge of developing a cyber security budget, you may be feeling extra...
Concerns of election interference are again brought to our attention as the upcoming midterm elections next month draw closer. Officials are on high alert after the...
October, National Cyber Security Awareness Month (NCSAM), is our yearly reminder to evaluate our habits: Are we really following cyber security best practices or are we...
The FBI recently disclosed that nation-state cyber attackers – such as the North Koreans – conduct extensive reconnaissance on their targets prior to carrying out...
As a security professional, you’re no stranger to the challenge of convincing your leadership of the need for cybersecurity. Here’s a list of some of the most compelling...
Earlier this summer, we welcomed a group of four talented interns to our family at GRA Quantum. Right from the beginning, this group has shown the type of ambition that...
With the ever-growing amount of security breaches in the news, you need to take action before the next headline is about your organization. But, it can be overwhelming...
In the world of “insider threat” defense, one of the biggest fears security officials share is the malicious actor who gains legitimate access to a company or...
The more things change, the more they stay the same. As long-time contributors of the Verizon Data Breach Investigations Report, we’re especially invested in the insights...
24% of all breaches in the past year affected financial organizations, according to the Verizon Data Breach Investigations Report (DBIR). While the federal government...
If you’re accountable for your organization’s security, it’s safe to assume that you’re up against some internal challenges in creating an effective security strategy,...
Equifax is receiving a one-two punch after announcing a breach that compromised as many as 143 million American consumers. Let’s put that into perspective, size-wise, as...
The Shadow Brokers recently launched a subscription program that gives anyone access to potentially pernicious exploits and data. According to the service announcement,...
It seems like not a month goes by without reports of data breaches involving passwords. It seems like there’s no hope to be had in constructing strong passwords. Over the...
Situation Report GRA Quantum is actively monitoring the rapid proliferation and widespread impact of the WannaCry ransomware campaign (also known as WannaCrypt, WCry, or...
Cyberespionage should best be understood within the framework of conventional espionage. The growing connectedness of the world and an overall lag in the development of...
Consumers care about security and privacy. The U.S. should embrace a cybersecurity nutrition label to inform customers, unlock their latent preference for security, and...
Technical Surveillance Countermeasures (TSCM) prevent, detect, and neutralize the threats that eavesdropping and surveillance devices pose to organizations. TSCM is a...
Computer Science students are out-innovating their institutions by creating cybersecurity and hacker clubs that implement a hands-on approach to cybersecurity education....
Password managers provide secure alternatives for storing and organizing login credentials. They increase the use of strong, complex passwords and diminish the stress of...
A thorough penetration test identifies possible vulnerabilities, determines how they can be exploited, and works to mitigate them. In a previous post, we...
Bluetooth ushered in the wireless generation. Don’t expect to get rid of it anytime soon. Bluetooth devices have become ubiquitous in the last 20 years. They’re in our...
When a threat hits, incident response is responsible for diagnosing the vulnerability. Through a disciplined approach, incident response breaks down the resolution of...
Hash functions are strong cryptographic tools, but sometimes they’re not as secure as we’d like. We’ve previously explored the foundations of encryption. It’s...
To say that areas of agreement are few and far between in today’s political climate would be an understatement. Some exist, however—most notably on the need to...
Bitcoin’s blockchain technology is relatively immature but will likely revolutionize how we exchange information. When it was introduced in 2009, it was loathed by...
We’ve explored various kinds of encryption all through this series. We saw that ciphers have a long history of success, failure, and innovation. We discovered that no...
“There are two kinds of companies out there: those that have been hacked, and those that don’t know it yet.” A timely reminder from former FBI Director Robert Mueller...
Last time, we explored the RSA Cryptosystem. We observed that its security is reliant upon the difficulty of factoring large integers, but advances in computing are...
Beginning this year, financial and insurance companies in the state of New York will have to comply with some of the country’s most stringent and far-reaching...
On January 6, the Office of the Director of National Intelligence released a declassified version of the intelligence community’s assessment of alleged Russian...
Up to now, we have seen how symmetric algorithms achieve encryption. For example, we’ve seen that RC4 is a simple but insecure stream cipher. We’ve also seen two block...
Last time we explored the once-popular Data Encryption Standard (DES) block cipher. We observed that it implements the confusion and diffusion principles described by...
We’ve seen that stream ciphers like RC4 encrypt each character of a message individually. This seems intuitive, but this can actually make a cipher insecure. That is, the...
We saw last time that ciphers are useful tools to hide information from prying eyes. We also classified ciphers into two families: Symmetric algorithms and asymmetric...
The race for the presidency of the United States in 2016 has been a hotbed of cyberespionage that has raised doubts about the legitimacy of the electoral process. Over...
Securing messages is a significant problem that people have been trying to solve for well over 2000 years. This problem can be solved in part by using encryption....
Have you ever been unable to carry on a conversation with somebody because too many other people were talking to you at once? Overwhelming you with so much information...
In our last post we saw how Hillary Clinton and Jill Stein compare on major cyber issues. In brief, Clinton’s position is moderate and pragmatic, and Stein’s position is...
It’s an election year, which means it’s time for candidates to present their platforms and policy proposals. Even more exciting is that it’s a presidential election year....
It must’ve sounded like something from Star Trek when D-Wave Systems unveiled the first commercially available quantum computer in 2007. The name “quantum computer”...
A World of Data One in five people now use a health wearable of some form. Users can now collect data about sleep patterns, exercise routines, heart rates, and calories...
At first glance, the United States, China, and Russia all have similar public attitudes toward cyberwarfare. By and large they deem cyberwarfare and cyberespionage to be...
The hack of the Canadian-based dating website Ashley Madison made waves in the cybersecurity community last year. The company put its users’ personal data at risk, and as...
The Geneva Convention established rules and reinforced norms in war after the indiscriminate violence and the brutal treatment of other non-combatants during World War...
For 21st century companies it is virtually impossible to conduct business without connecting private enterprise networks to the public internet. Such connectivity allows...
There is a dedicated type of hacker out there that deals not in code and zero-day exploits, but in psychology and social engineering. Their hacker tools include...
This blog post will attempt to make sense of a concept that is ubiquitous in cyber vernacular but whose exact meaning remains obscure to many people: computer networks....
The Brazilian government will be handing out 9 million free latex prophylactics around Rio de Janeiro during the Olympics, according to Reuters. While the initiative is...
Imagine you are going on vacation, and you ask your friend to look after your dog while you’re away. To do this your friend would, of course, need your house key before...
The forthcoming Olympic Games in Rio de Janeiro, Brazil are subject to no shortage of media coverage. Concerns about Zika, Brazilian presidential politics, and underlying...
Manipulating people into surrendering their personal information is a simple tactic that remains one of the biggest cyber threats to individuals and organizations. While...
In the summer of 2015 Fortelus, a British hedge fund, lost over £740,000 after its Chief Financial Officer, Thomas Meston, fell victim to an attack. The scammers posed as...
The 2016 US Presidential Election is, perhaps more than any election past, being shaped in large part by outsiders. The most anti-establishment influencer though, as it...
Imagine surfing the web and stumbling upon a pop-up ad declaring you the lucky winner of a prize. To claim your prize, all you have to do is click the link. You...
In August 2012, an unsuspecting employee at the Saudi Aramco oil company clicked on a malicious link in a phishing email and began one of the most expensive hacks in...
Pokémon Go, a newly launched augmented reality game for smartphones, has swept the nation since its release just last week. As of yesterday in the US alone, the game...
Every day more than 60,000 people fall victim to malware, and they may not even know it. Luckily, though, it doesn’t have to be a hassle to defend yourself. A simple step...
It’s been one year since the US Office of Personnel Management (OPM) announced it had been the target of a massive data breach, and much of the discussion revisiting the...
It’s a typical scenario: you find yourself waiting for your morning coffee and decide to check your work email. You notice that the coffee shop has a public Wi-Fi...
We have all been harassed by (sometimes overly) persistent popups on our home screens urging us to install system updates. No matter how many times they appear, however,...
Spying is not like the movies. From Bridge of Spies to 007, state-sponsored espionage is no longer confined to the treasure troves of government secrets. Today’s biggest...
Credit agency Experian conducted a study a few years ago which showed that the average person has twenty-six online accounts but only five unique passwords. Between...
With the number of threats growing and the likelihood of an attack against individuals or firms increasing, it’s never been more important to understand the ins and outs...
Twenty-five years after the collapse of the Soviet Union, the specter of a nuclear holocaust has faded. The threat of weapons of mass destruction still looms, to be sure....
In late 2015 the Food & Drug Administration (FDA) advised hospitals to stop using an insulin infusion pump made by Hospira due to a proven vulnerability whereby a...
Following the dissolution of the Safe Harbor pact in October, US companies are increasingly investing in foreign data centers. Both firms and consumers should be wary of...
In 2015, media reports attributing data breaches to China exceeded by a wide margin those of any other state-sponsor of cyberattacks in consistency, volume and severity....
“A company may have the most sophisticated cybersecurity protections in the industry, but if its third-party service providers have weak systems or controls, those...
Cyber crimes continue to be costly for organizations. A recent study reveals that the average annualized cost of cyber crime increased by 20 percent to $15 million this...
Later this month the United States and United Kingdom will launch Operation Resilient Shield, a joint protocol to test the cyber readiness and cooperative capacity of the...
The Islamic State of Iraq and Syria (ISIS) has revolutionized how terrorist groups use the Internet to recruit and inspire followers. Since 2014 the group has spread its...
Growth in the number of connected objects is bringing a whole new set of security concerns to consumers and producers alike. With 200 billion devices predicted to be...
The “connected” car market is expected to be worth $44.4 billion in 2018, with 21 million of the cars sold in that year fitted with so-called smartphone integration...
Whether pursuing an acquisition, inking a contract with a vendor, or partnering with another firm, companies routinely conduct due diligence to ensure that their...
Industrial espionage has grown to become an all-too common reality for today’s businesses. In the United States alone, experts have estimated that private...
In August, the US government encountered two serious setbacks in its quest to strengthen the nation’s cybersecurity. In Congress, the Senate failed to proceed to a vote...
Even the best-defended enterprises can fall victim to devastating cyber attacks. When disaster strikes, organizations with a robust cyber risk insurance policy are able...
As the Arab Spring reached Damascus in early 2011, a previously unknown group called the Syrian Electronic Army (SEA) emerged online. Their stated purpose was to counter...
A decade of crippling international sanctions has not deterred the Islamic Republic of Iran from aggressively developing its offensive cyber warfare capabilities. From a...
Cuba’s rapprochement with the United States in recent months has sent shockwaves of enthusiasm throughout markets and the diplomatic community alike. Normalization of...
Since 2002, the leaders of the People’s Republic of China have made the modernization of China’s armed forces one of their highest priorities. Military leaders have...
Among the leading actors in state-sponsored cyber warfare, the Russian Federation stands out for its highly sophisticated and stealthy attacks on foreign governments and...
We live in an age of increasing cyber insecurity. This past year has demonstrated that governments, businesses, and individuals alike can all be targets of cyber attacks....
The recent case of corporate cyber espionage between the St. Louis Cardinals and the Houston Astros is the first of its kind in Major League Baseball. The hacking scandal...
State-sponsored cyber attacks are on the rise. Motivated by patriotic devotion or the draw of lucrative careers, many hackers now lend their skills to military and...
On 4 June 2015, the White House announced the Office of Personnel Management (OPM) had been the subject of a massive cyber attack. The breach, resulting in the theft of...
On June 1 the Chinese government kicked off its second annual Cybersecurity Week in Beijing. The Cyberspace Administration of China, Ministry of Education, and Ministry...
Since his early 2015 swearing-in, Secretary of Defense Ashton “Ash” Carter made updating the 2011 US Department of Defense Strategy for Operating in Cyberspace a top...
Law firms are natural targets for cyber crimes. A 2012 cybersecurity report estimated that 80 percent of the 100 largest American law firms had suffered “some malicious...
Security experts from across the US healthcare industry are meeting in Atlanta this week to take part in the 3rd Annual Healthcare Cyber Security Summit. They plan to...
In Moscow last week, Chinese President Xi Jinping and Russian President Vladimir Putin signed a bilateral agreement on cybersecurity. As part of the deal the two...
In April, the US House of Representatives passed two pieces of legislation aimed at bolstering information sharing between the government and the private sector. If...
In a few weeks, security experts from across the US healthcare industry will meet in Atlanta, GA to address the growing cyber threat to their organizations. The meeting...
Recent industry data shows that cyber attacks on critical infrastructure (CI)—such as energy distribution networks, financial systems, and communications networks—pose a...
Over the past year, a number of high-profile data breaches have illuminated how unprepared some of North America’s largest corporations are in the wake of increasing...
China’s National People’s Congress (NPC) concluded its annual legislative session in Beijing last week, covering in part a controversial Anti-Terrorism Law with strict...
During recent cyber attacks on Sony Pictures, hackers seized the company’s computer network and collected an impressive amount of data, including customer and employee...
When should you call in the red team? Every organization, regardless of size or industry, should conduct a red team exercise at least annually. Red team exercises...
Chinese hackers have given U.S. companies a reprieve for more than a year. But, does the hack of the National Foreign Trade Council signal a return to Chinese IP...
As networks and endpoints have hardened, hackers have turned to time-tested exploitation of human psychology. Whether in the digital or physical realm, neglecting the...
It’s important to develop a tailored physical security strategy to protect your assets. Many of our blogs are related to cybersecurity, but security in the...
Cybersecurity is best approached holistically—by combining human, physical, and technical efforts together to mitigate threats. But how exactly does the human element...
What does it take to build a security program from scratch, in a company without any existing security initiatives in place? To answer this question, we spoke with Jadee...
We’re excited to welcome Filaree Way to our GRA Quantum team as Project Manager. Filaree has 10 years of project management experience in diverse companies with the...
What value does someone with a liberal arts background bring to the cybersecurity industry? To find out, we spoke to someone with years of personal experience in the...
“Diversity drives innovation- when we limit who can contribute, we in turn limit what problems we can solve.”- Telle Whitney, former CEO and President of the Anita Borg...
Our team at GRA Quantum would like to congratulate Bart Holzer on his well-deserved promotion to Sr. Director of Integrated Security Solutions. Bart has been with GRA...
Earlier this summer, we welcomed a group of four talented interns to our family at GRA Quantum. Right from the beginning, this group has shown the type of ambition that...
Our team at GRA Quantum is excited to welcome our newest member, Jen Greulich, as the Director of Managed Security Services. Jen brings a passion for keeping...
It’s that time of year again. The 2017 Verizon DBIR is out and information security professionals are scouring the pages for insights and best practices to bring to their...
Excited to meet their other-office colleagues and visit the newly completed One World Trade Center office, GRA’s interns met up this past week for a day in the Big Apple....
With a successful intern day in Washington, DC just weeks earlier, this past Friday GRA Quantum’s interns had the opportunity once again to meet for a day of activities...
Earlier this month GRA Quantum welcomed a new group of interns to its Washington and New York offices. This past week, our interns from both offices had the opportunity...
“Tell me and I forget. Teach me and I remember. Involve me and I learn.” – Benjamin Franklin GRA Quantum welcomed a diverse and talented team of interns...
CONTACT
GRA Quantum is a wholly owned subsidiary of the Global Risk Advisors company.
© 2023 GRA Quantum. Privacy PolicyTerms of Use