Insights
-
BlogBetter Without Betterment
Every day, Kivu engages with clients recovering from devastating ransomware attacks. Usually, that entails discussing a client’s recovery needs with its insurer to determine whether recovery can be reimbursed. Kivu's Vice President of Advisory Services, Adam Tyra's most recent article dives into the concept of "betterment" and offers guidelines to define "betterment".
-
BlogMalvertising
There are many vulnerabilities that criminals can exploit for a ransomware event, and organizations must account for them all. Well-known tactics like phishing and brute force attacks receive the most attention. However, more obscure threats like “malvertising” can also become the organization’s Achilles heel.
-
BlogCan Organizations Still Pay Ransomware Demands?
The Russian conflict against Ukraine brought devastating impacts for both nations. Beyond the initial tragedy, as fighting continues and sanctions sink in, government and industry can expect cascading implications of a global magnitude. Those implications include greater cyber risk. What does that mean for paying ransom demands?
-
BlogConflict in Ukraine Shows Cyberattack Potential in the Battlefield
While far from the front lines, US companies clearly have an increased cyber risk from the Russian instigated conflict against Ukraine. After Russian military hackers carried out intensive cyberattacks against several of Ukraine’s banks and government websites, Britain's National Cyber Security Centre (NCSC) warned of potential cyberattacks with "international consequences."
-
Blog, ResourcesNavigating the First 48 Hours of a Cyberattack
With the growth of frequency and sophistication of cybercrime, organizations must prepare and remain vigilant for this leading risk. Kivu Consulting offers the following roadmap for organizations to find solid footing during a ransomware event.
-
BlogMFA No Longer an Obstacle for Threat Actors
As employers allow more employees to work from home, safeguarding company networks continues to be a challenge. To mitigate the increased risk from phishing campaigns targeting remote workers, many companies have adopted two-factor authentication (2FA).
-
Blog, ResourcesRansomware Report 2022
Ransomware is a costly and devastating business interruption that will continue to be the largest security issue in 2022.Download Kivu Consulting’s 2022 Ransomware Report for a breakdown of the 2021 ransomware landscape, ransom payment trends, and for information on navigating negotiations.
-
BlogLogj4 Vulnerability Update
On December 9, 2021, an exploit proof-of-concept was made publicly available for a vulnerability in open-source logging utility, Apache Log4j versions 2.14.1 and below. This exploit, CVE number 2021-44228, allows attackers to force vulnerable applications to remotely run arbitrary code without authentication, resulting in a complete compromise of the application and the system running the application.
Contact Us
See something of interest? Reach out and we would be happy to discuss opportunities with your you.