35% of Users Have Weak Passwords; the Other 65% can be Cracked

Posted by Eran Cohen on Mar 13, 2017 5:00:00 AM

Password leaks from public breaches help us learn how people think, allow us  to identify patterns and build dictionaries of passwords. As password cracking methods evolve, Upper characters, Lower characters, Special characters and Digits (ULSD) recommendations and password complexity mean less.

Read More

Topics: Credential Compromise, Passwords, CISO

Analyzing User Behavior is the Beginning. How It's Applied is What Really Matters.

Posted by Eran Cohen on Mar 3, 2017 2:59:40 PM

Think about this statement: “Half of the people you know are below average.” In simple terms, it means that statistically most of the people you know are considered to have average intelligence, or just below or above the line. Does this mean they are dangerous? Does it mean you should reconsider your friendship? Let’s not jump to conclusions just yet.

Read More

Topics: ueba, Behavioral Firewall, User and Entity Behavior Analytics, CISO, Use Case

The IT Security Flip: Insider Threats Capturing More Mindshare

Posted by Ajit Sancheti on Dec 9, 2016 10:56:17 AM

Every once in awhile, a survey provides insights that at first glance don’t seem out of the ordinary. They generally validate a hypothesis. That is why we were somewhat surprised when we commissioned a survey of IT security professionals working in enterprises large and small.

Read More

Topics: Insider Threats, CISO

Study Finds Insider Threats Becoming More Concerning than External IT Security Threats

Posted by Heather Howland on Dec 1, 2016 6:09:40 AM

The macro trend for IT security professionals is shifting. The security risk of insider threats is real and  has become of equal importance to organizations. Insider threats take many forms - from employees bending the rules to get their jobs done more efficiently, to unhappy employees with malicious intent, to  workers who unintentionally install malware, and even 3rd party vendors or partners that don’t follow security policies.

Read More

Topics: CISO, Insider Threats, Security Skills, Privileged Users

7 Best Practices for Fighting Corporate IT Security Risks

Posted by Ajit Sancheti on Nov 28, 2016 1:37:14 PM

Even though Cyber Security Awareness month has passed, it is important to remain diligent and and stay aware to defend yourself from threats. I recently worked with CSO Magazine to put together a series of best practices that organizations and their users should follow (both in and out of the corporate network) to minimize threats and reduce risk.

While IT security education may be part of an organization’s onboarding process, many people still don’t realize that they shouldn’t open an email from an unidentified source, or even those from a friend or coworker that have uncharacteristic links or text. And inevitably they still do.

Read More

Topics: CISO, Risk, Multi-factor Authentication, Identity Verification

How Much Management Do You Need to Dedicate to UEBA? [Part 5 - Blog Series]

Posted by Heather Howland on Nov 11, 2016 4:54:15 PM

In this final blog of the series “A Closer Look Inside UEBA: Top 5 FAQs,” we’re going to discuss what it takes to manage UEBA and how it can make security teams much more efficient and less overwhelmed. 

Read More

Topics: ueba, CISO, Security Skills

How to Get Quick Time to Value with UEBA / Behavioral Firewalls [Part 4 - Blog Series]

Posted by Heather Howland on Nov 4, 2016 8:10:20 AM

This is part 4 of an ongoing series of posts that answer “A Closer Look Inside UEBA: Top 5 FAQs.”  In our last post in the series we talked about the benefits of UEBA solutions. This week let’s take a look at the question that is on the mind of every budget-minded and busy security professional:

Read More

Topics: ueba, Behavioral Firewall, CISO

Top 4 Security Themes from Financial CISOs - Insider Threat a Universal Priority

Posted by Ajit Sancheti on Oct 28, 2016 8:35:50 AM

This week, Preempt had the opportunity to participate in the annual FS-ISAC Fall Summit 2016 in Nashville, TN.  FS-ISAC ( which stands for Financial Services Information Sharing and Analysis Center) is the financial industry's go to resource for cyber and physical threat intelligence analysis and sharing. The Fall Summit brought together over 700 C-level and Sr-level financial services professionals as well as Security executives across the globe to discuss the latest information on threats, sharing of best practices and trends across the sector.

Read More

Topics: Insider Threats, Risk, CISO

The “Crying Wolf” Rating and Other Security Investment Qualifiers

Posted by Steve Herrod on Oct 27, 2016 3:50:21 PM

There is a lot of noise in the cybersecurity space with every company trying to differentiate itself by claiming to be the “next big thing”, but so few have risen to the top. And the security market has changed a lot in the past couple years. As a venture capitalist, I often get asked about how I see the market changing and how we cut through the noise to find and fund companies that are doing something truly unique and innovative and that really solves customer problems.

Read More

Topics: CISO, ueba, Security Skills, Insider Threats

Adaptive Security Architecture and UEBA in Gartner's Top 10 Tech Trends 2017

Posted by Heather Howland on Oct 19, 2016 1:59:33 PM

This week at the Gartner Symposium and ITxpo, David Cearley, Gartner Vice President and Fellow discussed the Top 10 Technology Trends of 2017 and their impact on IT and operations over the next 5 years. With cyber attacks showing no sign of waning anytime soon, it’s no surprise that the macro trend of an Adaptive Security Architecture is highlighted again this year. The the report focused more on importance of User and Entity Behavior Analytics (UEBA) as a component of this architecture as well.  

Read More

Topics: ueba, CISO, Behavioral Firewall, Adaptive Response