Sage Advice - Cybersecurity Blog

Cybercrime-as-a-Service... Can You Spot the Cybercriminal?

Though it’s a natural evolution, the very existence of cybercrime-as-a-service (CaaS) shocks people. Never mind the annual global costs attributable to CaaS, or how much it hampers innovation. In his keynote at the 2017 CyberCrime Symposium, McAfee Chief Scientist Raj Samani made sure attendees understood the CaaS threat — calling his content the “most depressing 45 minutes” they’d ever get at a security event — by mapping its rise and rapid expansion.

Read More

Topics: CyberCrime Symposium, Malware, Cyber Crime

Lessons from the 2017 CyberCrime Symposium

Cybercrime’s a global pandemic, and no organization, large or small, is immune. When everyone’s at risk, everyone’s responsible. And how they handle this responsibility has global implications.

If there’s any good news, it’s that everyone’s in it together. By making “Think Global, Act Local” the theme of its 2017 Cybercrime Symposium, Sage Data Security issued a call to action. Every organization’s charged with investing in the right people, training, technologies, and services to protect themselves, while striving to be an asset to a global community where collaboration’s critical.

Read More

Topics: CyberCrime Symposium, Cyber Defense

Conducting a Cyber-Crime Exercise in a Smaller Enterprise

When we talk about designing a great cyber-crime exercise, we always say that you need eight things to make it work. That sounds like good advice for a larger company, but what if you are in a smaller organization, say one with less than 300 employees? Can you still do this type of exercise? The answer is a resounding “yes!” A well-designed cyber exercise CAN be conducted in a smaller organization; it just takes a little readjusting of the eight basic things to make it all work.

Read More

Topics: CyberCrime Symposium, Incident Response

What You Don’t Know: Cyber Defense Against Unknown Threats

Even with all the traditional cybersecurity defenses, breaches still occur.  “So, why haven’t these traditional security products adequately protected you?” asked Jack Walsh, New Initiatives and Mobility Programs Manager at ICSA Labs, during his talk at the 2016 CyberCrime Symposium.  According to Walsh, it’s due, in part, to the fact that while they do an okay job against known threats, they “don’t do a good job at all against unknown and new threats.”

Read More

Topics: CyberCrime Symposium, Malware, Cyber Defense

Cyber Insurance: Are You Covered?

Back in the late ‘90s, the insurance industry came out with an early cyber insurance product. As it was a product for Y2K losses, “it was a dud, and when it died, everybody thought that cyber insurance would never take off,” said Peter Foster, in the opening remarks of his session at the 2016 CyberCrime Symposium on cyber insurance realities. "Today," said Foster, who helps large companies manage risk in his role as EVP and FINEX Cyber Leader for Willis Towers Watson, "US companies are paying a total of $3 billion in cyber insurance premiums and insurance companies are covering losses caused by breaches."

Read More

Topics: CyberCrime Symposium, Risk Management

Behind the Scenes: Demystifying Malware

The frequency and size of malware attacks and the havoc they wreak are generating a continuous stream of media coverage, attracting eyeballs with often shocking details of breach size. What’s often missing in news stories on data breaches are critical behind-the-scenes “players” – the employee roles and IT systems targeted, the technology infrastructure that supports an attack, the malware tools, and the attackers that create and use the infrastructure.

Read More

Topics: CyberCrime Symposium, Malware, Cyber Defense

Cybercrime Attribution Analysis:  The Cyber Who Done It

As much as cybersecurity professionals need to be concerned about insider threats, the bulk of data breaches are still the work of outside forces. "In 2015, 77.7% of all the data breaches we tracked came from the outside,” said Jake Kouns, CISO for Risk Based Security, a consultancy that helps organizations apply analytics to real-time data to monitor activity, and CEO of the Open Security Foundation, which oversees the Open Source Vulnerability Database ( and “While insiders may hurt you worse because they know where the crown jewels are, breaches are much more likely to be coming from the outside.”

Read More

Topics: CyberCrime Symposium, Cyber Defense, Cyber Crime

Don’t Blame Bitcoin for Ransomware

Though it’s been around in various incarnations for a couple of decades, ransomware is one of the hottest topics in the world of cybersecurity, and for good reason. It’s malware on the rise, thanks to its role in a growing number of successful cyber-attacks and the high ROI it delivers.

Read More

Topics: CyberCrime Symposium, Malware, Ransomware

Cybersecurity Awareness Can Be Fun and Games

Like most cybersecurity experts, Ira Winkler has a wealth of stories that illustrate how dangerous user behavior can be to cybersecurity. He’s also got something more. A “modern-day James Bond,” Winkler is indeed a straight shooter, with a humor-laced delivery style that’s well suited to the topic of gamification – a tool he sees as instrumental to cybersecurity awareness and the subject of his presentation at the 2016 CyberCrime Symposium.

Read More

Topics: CyberCrime Symposium, Cybersecurity Culture

Mobile Malware’s Getting Smarter

Despite their immense popularity, ubiquity, and ability to find their way into just about any IT conversation and industry content, mobile devices haven’t attracted much interest from the attack side. Though device infections did reach a new high in April 2016, they comprised just 1.06% of total malware infections, explained Kevin McNamee, director of Nokia’s Threat Intelligence Lab, during his presentation at the 2016 CyberCrime Symposium.

Read More

Topics: CyberCrime Symposium, Malware, Mobile Security