How We Can Turn National Cybersecurity Awareness Month Into Cybersecurity Action

Want to take a peek at the World’s Worst Data Breaches? Here you go:

Now that we’ve got that out of the way, let’s start this blog post over again. Our goal isn’t to frighten you or deepen the numbness you might already be feeling from the drip, drip, drip of bad cyber news.

It’s National Cybersecurity Awareness Month (NCSAM), which was launched in October 2004 as a collaboration between the National Cyber Security Alliance (NCSA) and the U.S. Department of Homeland Security with the goal of raising awareness and providing education on cybersecurity issues.

The name is something of a misnomer, however. NCSAM is really designed to do more than make you aware of cyber risks. It’s bigger goal is to arm you with information and tools you can use to strengthen yourself, your social groups, and your businesses against the cyber criminals who prey on us.

In the spirit of NCSAM, we at Threat Stack want to do our part by sharing some of the advice our bloggers have offered on how to take action to protect yourself and your company from cyberattacks. With that in mind, here are summaries of four recent blogs. Read more “How We Can Turn National Cybersecurity Awareness Month Into Cybersecurity Action”

11 Questions to Ask Before Investing in a Cloud Security Solution

Whether you’re in security, operations, or another related discipline, choosing the right cloud security products can be a complex process. With thousands of options, each with their own nuances, how do you know which tool, or mix of tools, is going to be right for your organization? The following questions are designed to help you identify the solutions that will fit your specific needs and requirements. Use them as you make your decision, and the entire process will be much more seamless. Read more “11 Questions to Ask Before Investing in a Cloud Security Solution”

6 Ways to Adopt a Cloud-Specific Security Paradigm

Cloud technologies and traditional security processes are as bad a match as stripes and polka dots. They simply aren’t built to mix well together. As companies adopt cloud technologies, security teams are scrambling to apply what they know to this new way of doing business. But they’re quickly realizing how different an on-prem mindset is from one that’s geared to the cloud. Namely because, in an on-premise environment, security is based on the perimeter. In the cloud, however, there is no defined perimeter, and a seemingly endless number of endpoints. In the face of this, security needs to shift in a major way.

In this post, we will define six ways you can effectively shift your security paradigm so it’s suited to a cloud-defined world. Read more “6 Ways to Adopt a Cloud-Specific Security Paradigm”

7 Ways Business Processes Have Changed the Need for Security

Considering how fast every facet of business is changing today, the job for Security teams has become much more complex — and critical. Not only are there more data and endpoints to protect, but there are also new threats and adversaries to detect.

Since speed and continuous release cycles can be a major competitive advantage for businesses, Security professionals need to identify ways of keeping up. In this post, we’ll cover seven important ways business processes are changing and how security can adapt to support the speed of business. Read more “7 Ways Business Processes Have Changed the Need for Security”

5 Security Blogs Your CFO Needs to Read

5 Security Blogs Your CFO Needs to Read

Before I started working at Threat Stack, security was not always at the top of my priority list. Now, as the CFO of a leading cloud security company, I’ve learned to take a more holistic view of security: I still view it as a necessity that ensures the safety of an organization’s data and systems, of course, but I also understand that it can be a powerful business enabler and business driver.

Put another way, I no longer view security as just an expense (a “necessary evil”?), and see it as an investment that adds ongoing value throughout the organization and beyond as it not only provides foundational security, but also bolsters corporate reputation, adds confidence to customer relations, streamlines sales cycles, reassures board members and investors, helps with achieving compliance, and so on.

In spite of the huge value it adds, security can still be something of a hard sell — especially in companies where resources, including budget, are limited. With that in mind, I want to use this post to share some of the things I’ve learned as CFO at Threat Stack. Read more “5 Security Blogs Your CFO Needs to Read”

What You Need to Know About the Apache Struts Vulnerability – Updated

Post updated by:
Christian Lappin,
Threat Stack Senior Security Engineer & David WeinsteinThreat Stack Senior Security Engineer

Four months ago we wrote the following:

The Apache Struts “vulnerability is . . . extra-concerning because exploiting it is trivial. Hackers can easily spot vulnerable systems, the Struts exploits are publicly available, and the attack is easy to carry out and repeat. Attackers need to modify just one line of code to trick servers into downloading malicious binary from the internet.”

We warned about the Apache Struts vulnerability before the massive cyber attack that Equifax Inc. experienced — or at least before Equifax announced the breach to the public. Read more “What You Need to Know About the Apache Struts Vulnerability – Updated”

Massachusetts Takes Leadership Role in Cybersecurity

Threat Stack Welcomes New Massachusetts Cybersecurity Growth and Development Center

Last week, during the inaugural Cybersecurity Forum, Massachusetts Governor Charlie Baker announced the brand new, Cybersecurity Growth and Development Center at the Massachusetts Technology Collaborative. The goal of the new public institution is to unite the cybersecurity sector in Massachusetts, while also training new talent — a huge win given the acute skills shortage that exists today. At Threat Stack, we couldn’t be more pleased or supportive. Read more “Massachusetts Takes Leadership Role in Cybersecurity”

Threat Stack Raises $45M in Series C Funding to Accelerate Cybersecurity Innovation & Market Expansion

This is another landmark day in Threat Stack’s growth: It’s with great excitement that we announce that Threat Stack has secured $45 million in a Series C funding round led by F-Prime Capital Partners (the venture capital group associated with the parent company of Fidelity Investments), and Eight Roads Ventures, along with participation from existing investors Scale Venture Partners, .406 Ventures, and Accomplice.

Leveraging strong customer adoption and robust organic growth, we have set our sights on expanded opportunities in existing markets as well as entry into new sectors. Further investment in innovation will consolidate Threat Stack’s leadership in the cybersecurity market as we continue to develop the industry’s most comprehensive intrusion detection platform for cloud, hybrid-cloud, and on-premise environments.
Read more “Threat Stack Raises $45M in Series C Funding to Accelerate Cybersecurity Innovation & Market Expansion”