Architecting a Future-Proof Cybersecurity Program

Architecture matters. This is true across many aspects of our lives, from buildings to software to cybersecurity. For example, we have all encountered buildings that have been retrofitted or remodeled, and as a result become awkward and inefficient. For example, on a recent trip to New York City, I visited a building that had been designed and constructed in the 1920s in fabulous Art Deco style. But 100 years later, the lobby area was cramped and overly crowded with barriers, checkpoints, and security screening hardware. This once airy and elegant lobby was simply not designed to accommodate today’s X-ray machines and metal detectors and suffered as a result.

Like buildings,?cybersecurity program architecture matters. By?program architecture, we mean the organizational structure, processes, tools, and information flows that are used by an enterprise to execute a given function. Cybersecurity architecture manifests itself in ways as simple as a reporting hierarchy, or in more complex ways such as task handoffs between teams, or a set of tools, technologies, and partnerships.

There’s an art to?creating a cybersecurity program?that can smoothly handle unknown or unexpected changes. This in essence is the definition of?future-proof, which should be the goal of every cybersecurity program. But how do we achieve this??

Read the blog to learn: How to Architect a Future-Proof Cybersecurity Program | Secureworks

NICKEL TAPESTRY Infrastructure Associated with Crowdfunding Scheme

Secureworks? Counter Threat Unit? (CTU) researchers are investigating network infrastructure links between North Korean IT worker schemes and a 2016 crowdfunding scam. The CTU? research team attributes the IT worker schemes to the?NICKEL TAPESTRY?threat group.

In September 2018, the U.S. Department of Treasury's Office of Foreign Asset Control (OFAC)?designated?two information technology companies as violating sanctions, including operating as front companies to facilitate employment of North Korean IT workers and channeling illicit revenue to North Korea (officially the Democratic People's Republic of Korea (DPRK)) from overseas IT workers. The designated companies were China-based Yanbian Silverstar Network Technology Co., Ltd (“Yanbian Silverstar”) and Russia-based Volasys Silver Star. Yanbian is a Korean?autonomous prefecture?in Jilin, China, located near China's border with North Korea.

According to a U.S. Federal Bureau of Investigation (FBI)?affidavit?filed in October 2023, multiple accounts used by Yanbian Silverstar freelancers were accessed between 2018 to 2019 from IP address 36 . 97 . 143 . 26 . This IP address resolves to a dedicated server geolocated in Jilin, China. The affidavit provides evidence that North Korean IT workers were living in China and working at Yanbian Silverstar. The CEO of Yanbian Silverstar and Volasys Silver Star, a North Korean national named Jong Song Hwa, was also designated in the affidavit.

Learn more here: NICKEL TAPESTRY Infrastructure Associated with Crowdfunding Scheme

Maximizing Your Security with XDR: Essential Strategies and Guidance with Frost & Sullivan

With a 30% increase in new ransomware groups last year, organizations need comprehensive security solutions to stay ahead of cyber threats. Join us for an insightful webinar, hosted in collaboration with Frost & Sullivan, to take a deep dive into the extended detection and response (XDR) landscape. Get the knowledge and tools you need to evaluate solutions effectively, prioritize essential capabilities, and maximize the value of your investment post purchase. Whether you're in the process of selecting an XDR solution or looking to enhance the effectiveness of your current deployment, this webinar will provide you with actionable strategies and expert guidance to strengthen your security posture.

Listen in to the webinar to get expert insight on current market trends, key players, and the critical features that differentiate leading XDR solutions

Webinar: Expert XDR Insights From Frost & Sullivan