4 min
CISOs
How CISOs’ Roles – and Security Operations – Will Change in 2024
It’s fair to say that 2023 was a turning point for the cybersecurity industry, and no one felt it more than the CISO. From the onslaught of ransomware and zero-day attacks [https://www.rapid7.com/blog/post/2024/01/12/2023-ransomware-stats-a-look-back-to-plan-ahead/], to the SEC’s new reporting rules [https://www.rapid7.com/globalassets/_pdfs/policy/sec-cybersecurity-compliance-solution-brief.pdf], and added to technological innovation and sprawl, CISOs have never been under more pressure to ge
2 min
Security Strategy
ISO 27001 Certification: What it is and why it matters
Rapid7's ISMS is ISO 27001 certified. This certification validates that our security strategy and processes meet very high standards and underscores our commitment to corporate and customer data security.
5 min
Cybersecurity
No Damsels in Distress: How Media and Entertainment Companies Can Secure Data and Content
As media and entertainment companies grow their cloud footprints, they’re also opening themselves up to vulnerabilities threat actors can exploit.
4 min
Security Strategy
Building Cybersecurity KPIs for Business Leaders and Stakeholders
In this post, we discuss how to operationalise security into an overall strategy measured by cybersecurity KPIs.
2 min
Research
Today’s SOC Strategies Will Soon Be Inadequate
New research sponsored by Rapid7 explores the momentum behind SOC modernization and the role extended detection and response (XDR) plays.
5 min
Security Strategy
How to Build and Enable a Cyber Target Operating Model
In a recent webinar, Rapid7's EMEA CTO Jason Hart explained the journey to a targeted operating cybersecurity model.
4 min
Cybersecurity
4 Strategies to Help Your Cybersecurity Budget Work Harder
Cybersecurity is a growing concern for organisations across all industries, and budget requests are increasing as a result.
5 min
Vulnerability Management
How to Strategically Scale Vendor Management and Supply Chain Security
Here are simple changes that can help you provide more impactful supply chain security guidance and controls to decrease risk.
5 min
Russia-Ukraine Conflict
8 Tips for Securing Networks When Time Is Scarce
In light of increased cyber risk surrounding the Russia-Ukraine conflict, we’ve put together 8 tips that defenders can take right now to prepare.
4 min
Vulnerability Management
The VM Lifecycle: How We Got Here, and Where We’re Going
In this post, we explore the concept of a vulnerability management lifecycle, providing practical guidance and definitions.
6 min
Log4Shell
Log4Shell Strategic Response: 5 Practices for Vulnerability Management at Scale
Where do you begin to respond to a critical vulnerability like the one in Apache’s Log4j Java library (a.k.a. Log4Shell)? Start with these 5 concepts.
4 min
Ransomware
3 Strategies That Are More Productive Than Hack Back
Hack back, as used by non-government entities, is problematic for many reasons. Here are 3 alternative strategies to thwart the attackers.
3 min
Security Strategy
Kill Chains: Part 3→What’s next
As the final entry in this blog series, we want to quickly recap what we have previously discussed and also look into the possible future of kill chains.
2 min
Security Strategy
Kill Chains: Part 2→Strategic and tactical use cases
Let’s now take a look at how you can leverage the different kill chains to overcome vulnerabilities and win the day against attackers.
3 min
Detection and Response
Kill Chains: Part 1→Strategic and operational value
More recently, the term has been conscripted by the cybersecurity world to help businesses and security organizations go on the offensive, ensuring there are no gaps in their mitigation strategies and that their threat-hunting processes are sound.