Resource Type: Advisory

Shutterstock 2068258154

Guide To Securing Remote Access Software

This guide overviews common exploitations and associated tactics, techniques, and procedures (TTPs) malicious actors to leverage, rendering these businesses exposed and vulnerable. It also includes recommendations to IT, OT, and ICS professionals and organizations on best practices for using remote capabilities and detecting and defending against malicious actors abusing this software.

Cash,flow,graph,written,on,blackboard

Forecasting & Scenario Planning

How effectively is your business converting revenue into free cash flow? This measurement is the definition of business value.

Ransomware, ,close,up,of,your,files,are,encrypted,on

CISA Ransomware Guide

Ransomware incidents can severely impact business processes and leave organizations without the data to operate and deliver mission-critical services.

Stock,market,chart,stock,market,data,on,led,display,concept,,

Federal Joint Statement on Crypto Asset Risks

The past year’s events have been marked by significant volatility and the exposure of vulnerabilities in the crypto-asset sector. These events highlight a number of key risks associated with crypto-assets and crypto-asset sector participants that banking organizations should be aware.

Concept,of,danger.,metal,bear,trap.,business Trick.,3d,illustration

Threat Hunter Handbook

Threat hunting provides a second level of defense to address gaps in the overall cybersecurity architecture by finding and disrupting attackers that evaded the organization’s automated defenses.

3d,illustration,of,a,blue,network,with,icons,and,the

DoD Zero Trust Strategy

Our adversaries are in our networks, exfiltrating our data and exploiting the Department’s users. To adapt and significantly improve our deterrence strategies, this never trust, always-verify mindset requires us to take responsibility for the security of our devices, applications, assets, and services; users are granted access to only the data they need when needed.

Image,of,audit,team,working,together,and,looking,about,transaction

China Cyberspace Administration Measures

Companies domiciled outside China that directly collect and process the personal information of individuals residing in China in a cross-border manner are subject to the extraterritorial application of the PIPL.

Golden,bitcoin,coin,on,us,dollars.bitcoin,is,internet,currency,payment

Mapping Ransomware Payment Ecosystem

Central to mitigating ransomware threats is developing an understanding of the actors, stakeholders, processes, and information.

Shutterstock 1150359683 Scaled

Consumer Financial Protection 2022-04

Can entities violate the prohibition on unfair acts or practices in the Consumer Financial Protection Act (CFPA) when they have insufficient data protection or information security?

Compliance,marked,on,rubber,stamp

Contractual Remedies for DFARS Compliance

Failure by the contractor to provide adequate security for controlled unclassified information may be considered a material breach of contract requirements.