endpoint security blog

Tom Bain

Recent Posts

Take your SMB cyber Security program from “I hope,” to “I know”

As a small business or mid-sized organization, cyber security can mean very different things. Most small businesses have fewer resources available to deal with threats.

Topics: Tom Bain, CounterTack, EDR, endpoint detection and response, SMB, SMB Security, ThreatScan PRO, on-demand endpoint scanning

Endpoint Detection and Response: An Essential Component of SOC

As a leading platform provider to enterprise and Federal customers in the endpoint detection and response (EDR) market, we’ve been closely watching the changing nature of how Security Operations Centers (SOCs) are structured for optimal aggregation and correlation. We are seeing several trends emerge as SOC managers demand a more robust, yet less cumbersome set of integrations into SIEM platforms as their centralized cybersecurity lens into threat management.

Topics: EDR, cybersecurity, SOC, SIEM

Endpoint Detection and Response (EDR)—A Look at the Evolving Industry

Over the past 18 months we’ve watched the Endpoint Detection and Response (EDR) market evolve and take shape as organizations both small and large, across industries, recognize the need to protect the endpoint. A clear focus for technology market-wide has been on solving customer challenges by detecting threats faster and with more efficacy, integrating endpoint intelligence into other platforms, improving SOC workflow and preventing commodity malware in favor of focusing more on advanced threats.

Topics: cybersecurity, EDR, SIEM

Do We Face Security Threats Levels Based on Geographic Location?

In recent years, the Asia-Pacific (APAC) region has been increasingly scrutinized for the growth of cyber security attack incidents and the perceived lack of cyber security knowledge and preventative measures in the region. The good news is that we’re now seeing a real uptick in the region’s cyber security efforts, across the board.

Topics: EDR, APAC, Blog

Do You Value Time or Knowledge on Cyber Security Protection? Change the Discussion

As we head into the final stretch before RSA, CounterTack, like most cyber security protection organizations, is realizing how critical every day, every hour and every minute is, relative to the work we are doing for our customers in protecting their IT infrastructure. 

And as each vendor, enterprise organization, partner and investor gets ready for five days of meetings, presentations, job interviews and cocktails, RSA is typically the platform for numerous announcements and cyber security tool advancements.

Topics: cybersecurity, Next-gen endpoint security, cyber attacks, attack dwell time

A Case for Security Prioritization in Retail


I was shopping with my daughter the other night for indoor soccer socks at a major sporting goods retailer here in Massachusetts. As we rolled up to the register with bright pink and purple options, I noticed something at checkout - the retailer was not ready for chip and pin credit cards.

As I swiped my chip and pin credit card, I got to thinking...there are cyber risks everywhere, during every transaction, before and after every transaction, at any store, any company, coffee shop, airplane, airport, organization you visit...but back to the example here. 

Topics: Cyber Security, APT, CounterTack, Breaches, Breach, retail data breach, data breach, EDR, chip and pin, retail security

The Tall Tale of Endpoint Security: How Do We get from Nice-to-Have to Need-to-Have

After spending two days at the Gartner Security & Risk Summit in DC this week, a few very interesting topics stood out. (I’ll post more on specific talks from the events later)

First, as if RSA and InfoSec Europe weren’t enough to prove this, it’s clear that easily 50% of cybersecurity vendors are starting to tell an endpoint story - whether they can actually collect valuable, actionable system-level data or not – they are saying they can.

Topics: endpoint security, Gartner Security and Risk Management Summit 2015, threat detection and response

Five Hard Truths About Critical Infrastructure Protection: Truth 5

In last week’s blog, we walked through the various reasons why it’s important for critical infrastructure providers to develop and implement cybersecurity countermeasures tailored to the specific needs of physical and digital infrastructure. 

Truth #5: Most critical infrastructure providers lack the tools, skills and mindset to deal with cyberattacks and APTs 

Topics: Critical Infrastructure

Five Hard Truths About Critical Infrastructure Protection: Truth 4

In last week’s blog, we discussed why it’s important for critical infrastructure providers to recognize that by solely deploying preventative solutions, they are actually setting themselves up for failure. Cost-effective, scalable, post-intrusion detection solutions will help strengthen overall security strategy through proactive measures. 

Truth #4: Most critical infrastructure providers don’t know what digital vulnerabilities they have, where to find them or how to fix them 

Each critical infrastructure provider must develop and implement cybersecurity countermeasures tailored to its specific physical and digital infrastructure. This is hugely unfamiliar territory for most providers, who have relied on their equipment vendors to handle both ICS/SCADA and IT security. 

Unfortunately, neither traditional critical infrastructure vendors nor IT security vendors are fully equipped to counter the unique hybrid threat of cyber-enabled critical infrastructure attacks: The former aren’t schooled in IT security, while the latter aren’t used to protecting non-IT physical assets. Even worse, sometimes ICS/SCADA vendors don’t reveal vulnerabilities or even purposely install capabilities – such as unremovable backdoors – that attackers could easily co-opt. 

Scared they might overlook dangerous threats already on their systems, providers are reaching out to private forensic analysis companies and government authorities for help. A key, trusted government component is the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), part of the Control Systems Security Program (CSSP) at the U.S. Department of Homeland Security (DHS). ICS-CERT specializes in forensic incident response and vulnerability assessment throughout the critical infrastructure spectrum, from sectors as a whole to individual owners and operators.

ICS-CERT’s June 2012 Incident Response Summary Report stated that the organization fielded nine incident reports in 2009, 41 in 2010 and 198 in 2011 – a 2,100-percent increase in only two years. Most incidents were not actual attacks, but of the 17 incidents that warranted on-site assessments: 

Topics: Critical Infrastructure

The Next Generation Endpoint Is Truly Here - Malware Security

The RSA Conference was an interesting experience, particularly for those in the endpoint malware security market, or those attempting to break into this emerging market. It seems everyone at this point has some type of endpoint play, regardless of their technology heritage, or prior security focus.

It was at the America’s Growth Capital conference, a simultaneous gathering of investors and security types, that perhaps one of the more interesting panels took place, albeit, the final panel session of the day. With 1 billion endpoints in need of help, it’s clear this is the hottest market across the broadening security industry.

Malware security Issues

Topics: Cyber Attack, APT, cybersecurity, Tom Bain, Sentinel, endpoint security, CounterTack, Breaches, Zero-day Attack, Neal Creighton, data breach, Big Data Security, EDR, Big Data EDR, RSA Conference 2015, endpoint detection and response, AGC
