This report aims to demonstrate the state of full stack security based on thousands of security assessments performed globally, as delivered by the Edgescan SaaS during 2020. I am still as passionate as ever in compiling this report and delving into the underlying data, as it
gives unique insight into what’s going on from a trends and statistics perspective and indeed a snapshot of the overall state of cyber security.
The Edgescan report has become a reliable source for truly representing the global state of cyber security vulnerability management. This
is becoming more evident as our unique dataset is now also part of other annual security analysis reports, such as the OWASP Top 10 and Verizon DBIR (we are happy contributors for many years now).

This year we took a deeper look at vulnerability metrics from a known vulnerability (CVE), Malware, Ransomware and visibility standpoint (exposed services), coupling both internal and public Internet-facing systems.

Click to download

Defining and communicating your Board’s Information Risk Regime is central to your organisation’s overall cyber security strategy. The National Cyber Security Centre recommends you review this regime – together with the nine associated security areas described below, in order to protect your business against the majority of cyber attacks.

(more…)

Cellular networks will be transitioning from 4G to 5G, and 5G networks will provide increased cybersecurity protections. This project will identify several 5G use case scenarios and demonstrate for each one how to strengthen the 5G architecture components to mitigate identified risks and meet industry sectors’ compliance requirements. The project will demonstrate how commercial and open source products can leverage cybersecurity standards and recommended practices for each of the 5G use case scenarios, as well as showcase how 5G security features can be utilized. A phased approach will be employed to align with the development pace of 5G technology and availability of commercial 5G technology.

This iterative approach will provide the flexibility to add to the project as the phases evolve to take advantage of newly introduced security capabilities. This project will result in a freely available NIST Cybersecurity Practice Guide.This document describes several security considerations as industry is preparing for a migration to the 5th generation (5G) mobile network. The NCCoE cybersecurity team will develop approaches and proposed solutions in collaboration with a Community of Interest, equipment vendors, and telecommunication providers.

Click to download

The expectations for the year 2020 are massive, as major world events underscore mounting geopolitical tensions. The United States will elect a president, Tokyo will host the Olympics, and renewable energy is anticipated to outcompete fossil fuels. Likewise, this time of economic uncertainty and increased competition across industry is contributing to the rise of digital transformation. Unprecedented innovations have been promised to us. Commercial space programs will take us to Mars, we will control devices with microchips implanted in our brains, and cars will be fully autonomous. Whether the above will come to fruition, one thing is for certain: the transformational benefits of next-generation technology are here.

Leaders are investing in digital transformation to increase competitive advantages, drive operational efficiencies, and grow market share. Leading-edge technology companies are manufacturing products faster, advancing logistics processes, and filling talent gaps. Alongside this rapidly scaling digitalization is organizational convergence. Enterprises are aggressively expanding through mergers and acquisitions, and evolving across geographical markets and industry. All the while, threat actors continue to challenge innovative security systems, uncovering gaps and slipping into the globally connected landscape the world is constructing. Organizations that prepare for uncertainty and approach their digital transformation with a security-focused mindset will be better positioned to survive this increasingly hostile connected ecosystem.
Today’s leaders must approach their security challenges with the same imagination, agility, and tenacity as their adversaries.

Click to download

Compiled this list of cheat sheets from other sources. As such, you will find reference to many different individuals or organizations that created these cheat sheets. No one take no credit for any of their creations save. As such, the Blue Team Cheat Sheet book is completely free and open for use for anyone to have or edit.

(more…)