
2023's Top Picks: The 10 Must-Read Cybersecurity Articles Authored by Our Team

At Echelon, we take immense pride in our contributions to the vibrant cybersecurity community and our participation in its growth. Our commitment extends beyond mere involvement – we strive to foster awareness among our clients and the broader cyber community. This commitment is exemplified through our Intelligence blog, which serves as a reliable source of insightful information.

As we reflect on 2023, we are delighted to share some highlights. Here are the top 10 articles from our Intelligence blog, ranked based on their unique pageviews. These articles not only showcase our expertise but also underscore our dedication to keeping our clients and everyone else well-informed about the latest developments in the ever-evolving field of cybersecurity.

NYDFS Second Amendment to 23NYCRR500: Changes and Updates to the Regulation

Explore the significant changes and updates introduced by the NYDFS Second Amendment to 23NYCRR500, impacting cybersecurity regulations for financial institutions. Erin Conway provides insights on critical amendments, timelines, and actions for compliance.

The Language Revolution: Enhancing Cybersecurity with Large Language Models

In this article, Renata Uribe Sánchez explores the transformative impact of large language models (LLMs) in the field of cybersecurity. LLMs, particularly Transformers, are powerful tools within deep neural networks that can interpret and generate natural language, making them invaluable in various applications.

A Six-Step Starter Guide for HIPAA Compliance

Embark on a journey to HIPAA compliance with Daniela Villalobos' comprehensive guide. Explore the six essential steps, understand HIPAA's importance, and discover how Drata's automation tool streamlines the process.

Cyber Definition Problems: Red Teaming vs. Penetration Testing

Cybersecurity terms like "red teaming" and "penetration testing" are often used interchangeably, leading to confusion and misinformation. This article explores the differences between these assessments and why the misuse of terms can be detrimental to the industry.

Level-Up Your Testing with Adversarial-Based Red Teaming and the TIBER-EU Framework

Traditional penetration testing may not be enough to simulate real-world attack scenarios. Discover the benefits of adversarial-based red teaming with the TIBER-EU Framework to improve your organization's ability to detect, respond to, and mitigate sophisticated attacks.

CISOs, Are You Doing Enough to Evaluate and Address Your Vendor Risk?

Is your organization's Vendor Risk Management strategy robust enough? This article explores the critical role of CISOs in assessing new vendors and monitoring existing ones to safeguard against data breaches and potential disruptions. Stay ahead in the evolving landscape of third-party threats and enhance your cybersecurity posture.

Hackin’ SaaS – Echelon’s Top 10 Web App Vulnerabilities

Echelon's Offensive Security (OffSec) team of ethical hackers conducts daily penetration tests on web applications, uncovering common vulnerabilities that threaten online security. In this article, we explore the top 10 web app vulnerabilities frequently encountered during penetration tests. From SQL injection to CORS misconfigurations, we'll delve into each vulnerability and discuss how to both exploit and safeguard against them.

How to Attract and Retain Women in Cybersecurity

Discover effective strategies and insights to bridge the gender gap in the cybersecurity field with our senior cybersecurity consultant, Shir Butbul. Explore her findings, recruitment practices, mentorship programs, and more as we delve into the crucial mission of attracting and retaining women in cybersecurity. Learn from Shir's expertise and contribute to building a diverse and resilient cybersecurity workforce for a safer digital future.

To hire, or not to hire a CISO? That is the question. Or is it though?

Small to mid-sized businesses often wonder whether to hire a Chief Information Security Officer (CISO). This article examines the factors for SMBs to consider when deciding to hire a full-time or fractional CISO.

The 5 Things I Learned About Consulting in My First 5 Months as a Consultant at Echelon Risk + Cyber

Six years into her professional career, Shir Butbul decided to make a career change and move into consulting after working as a GRC Lead for various companies. Here's what she has learned on her journey.

Want to stay informed of new articles like these?

Subscribe to our Cyber Intelligence Weekly newsletter to get articles like these (along with three hot cyber topics) in your inbox each week.
