Blog - RH-ISAC

In a perfect world, all of the defenses you’ve put in place will successfully defend against a ransomware attack. Your employees won’t click on any malicious links, none of your credentials will be brute-forced, your RDP ports are secure, and you’ve implemented a zero-trust framework across your network. It is true that taking measures to…

SaaS Security: A Changing Model of Cybersecurity Businesses today commonly employ hundreds of individual SaaS applications for a variety of specific functions, but the majority of sensitive data is typically entrusted to a small set of foundational enterprise applications. Security leaders are well aware that the transition to SaaS has prompted increased targeting by bad…

Updates: April 5, 2022, 12 p.m. ET The “Spring4Shell” RCE (CVE-2022-22965) has been added to CISA’s list of known exploited vulnerabilities. Due to the conditions required to exploit the vulnerability, security researchers are beginning to form a consensus that, while serious, Spring4Shell is not as critical or dangerous as the Log4Shell vulnerability. The conditions for…

With ransomware demands in the millions, companies are beginning to prioritize investment in their ransomware resilience strategy to avoid the severe financial, operational, and reputational costs of being the victim of an attack. In fact, ransomware planning ranked as the top initiative for retail and hospitality CISOs in RH-ISAC’s recent 2021 CISO Benchmark Report, but…

Businesses interested in scaling up operations are turning to hybrid cloud environments as a cost-effective solution. Hybrid clouds provide the best of both worlds, allowing companies to expand their network without investing in additional, costly on-premises servers that must be maintained. Instead, they can keep their highly sensitive data securely stored on premises where they…