Aggregator

You must login to view this content

You must login to view this content

You must login to view this content

You must login to view this content

You must login to view this content

You must login to view this content

You must login to view this content

You must login to view this content

You must login to view this content

You must login to view this content

You must login to view this content

You must login to view this content

Funny how excited people can get about something as simple as a sticker. They're always in hot demand and occupy an increasingly large portion of my luggage as we travel around. Charlotte reckoned it would be the same for other merch too, so, while I've been

This is how you handle cybercrime digital extortion! Coinbase was compromised by trusted 3rd party partners, which exposed customer data — but customer keys to their assets were still safe. The cyber criminals then attempted to extort $20 million from Coinbase, to keep the attack secret.

Coinbase’s answer: NO! Instead, they are creating a $20 million fund to help catch the attackers — thereby turning the tables on the extortionists!

This is AWESOME! Welcome to the big leagues!

This sends a huge message:

1. Coinbase takes security seriously and knows never to pay ransomware or other digital extortion. They are following common sense, that so many others ignore: Never give aid to your enemy!

2. It also signals to other potential criminals that Coinbase is a wasted effort, as they won’t pay. Why would a cybercriminal, who seeks personal financial gain, attack them if extortion is off the table?

3. By matching the ransom demands as a bounty for the attackers, they now must contend with the greed of their trusted 3rd parties that know who they are. How willing are their ‘friends’ to identify the attackers, for a sweet reward? The hunters now become the hunted. Brilliant!

4. With the loss of customer name and contact data, there may be some social engineering attacks, but Coinbase has already said they will make customer whole if that happens. Bravo.

5. Lastly, Coinbase is being transparent — which is exactly the opposite of what the attackers want. They are following the rule I taught my children — never do what the attacker wants, as they have a plan it always ends with them winning!

In cybersecurity we must manage risks. Most think it must be done exclusively with technology tools, but sometimes we can also discourage and dissuade attackers. What Coinbase has done is essentially target the cybercriminal Threat Agents, by using psychological deterrence. Future criminal attackers will not want to be in a position where they waste efforts to only become a target themselves.

This is a playbook for every company out there that is at risk of ransomware or other digital extortion! Craft your defense and response capabilities to be able to respond like Coinbase, in the unfortunate event of a breach.

My absolute congratulations and respect to Coinbase executive leadership: Brian Armstrong CEO, Jeff Lunglhofer CISO, and Philip Martin CSO

The post Coinbase Hacked and Turns the Tables on the Cybercriminals! appeared first on Security Boulevard.

Are You Proactively Managing NHIs and Secrets for Cloud Security? Safeguarding Non-Human Identities (NHIs) and secrets are pivotal. Careful management of these crucial elements can profoundly enhance our control over cloud security. Are organizations deploying proactive security measures to stay ahead of data breaches? Understanding NHIs and Secrets in Cybersecurity It is essential to consider […]

The post Stay Ahead of Security Breaches with Proactive Measures appeared first on Entro.

The post Stay Ahead of Security Breaches with Proactive Measures appeared first on Security Boulevard.

Why is Efficient Identity Management Key to Empowering Teams? Consider this, why is managing non-human identities (NHIs) and secrets vital to the overall cloud security strategy? An increasing number of organizations are realizing the substantial role of NHIs in empowering their teams. It’s not just about managing identities and their respective secrets, but also about […]

The post Empowering Teams with Efficient Identity Management appeared first on Entro.

The post Empowering Teams with Efficient Identity Management appeared first on Security Boulevard.

Is Your Organization Prepared for Future Security Challenges? When it comes to strategic planning, one detail often overlooked by businesses is whether their cybersecurity measures are scalable for future growth. With operations expand, so does the complexity of your digital. How do you ensure the security of your business assets? Non-Human Identities (NHIs): The Silent […]

The post Are Your Security Measures Scalable for Growth? appeared first on Entro.

The post Are Your Security Measures Scalable for Growth? appeared first on Security Boulevard.