Professional & Organized: How the GTSEZ Encourages the Multi-functional Criminal Enterprise, and What To Do About It By Chuck Mackey Introduction In Part 1, we introduced you to the Golden …
The Golden Triangle: Welcome to the Modern Wild, Wild, East (Part 1)
Introduction In 2007, the Lao government, in collaboration with the Hong Kong-registered Kings Romans Group, established the Golden Triangle Special Economic Zone (GTSEZ)[1] in the Ton Pheung District of Bokeo …
Understanding the Known Knowns, Known Unknowns, and Unknown Unknowns in Cybersecurity
In cybersecurity, navigating the murky waters of risk management requires a deep understanding of the “known knowns,” “known unknowns,” and “unknown unknowns.” These concepts, borrowed from military strategy, are incredibly relevant as businesses face increasingly sophisticated cyber threats in a constantly shifting landscape.
How the Grinch Stole Your Cookies: A Christmas Tale of AiTM Phishing Attacks
In the bustling city of Cyberville, the holiday season was in full swing, while a sinister threat lurked in the shadows of the digital world.
A Quick Case Study in Zero Trust Architecture
By Chuck Mackey, Fortress Security Risk Management Senior Security Principal You work in a bustling hospital. Physicians, nurses, and administrative staff are constantly on the move, accessing patient records, medical …
Is Your Cyber Tech Stack the Right One?
Is your cybersecurity ecosystem future-ready, agile, and aligned with your business goals? If not, it’s time for a serious upgrade.
“My Data is Safe in the Cloud”—Truth or Dangerous Fallacy?
In the Cloud, safety is a shared responsibility—one that businesses must take seriously to protect their most valuable asset: their data.
Shadow IT – The Silent Cyber Threat Lurking in Your Organization
As cyber threats advance, Shadow IT represents an unnecessary vulnerability. With the right approach, organizations can close these gaps.
The Critical Role of Adaptive Enterprise Resiliency in Cybersecurity
In the modern cybersecurity landscape, adaptive enterprise resiliency has emerged as one of the most critical factors in determining whether a company can weather the storm of a cyber-attack. It’s no longer just about preventing breaches but also about how quickly and effectively an organization can react when one occurs. Resiliency in this context is not static; it’s dynamic, responsive, and adaptable.
Tipping Point: When does Potential Risk become Kinetic Risk in Cyber?
In the world of cybersecurity, distinguishing between potential and kinetic risk is a challenge that defines an organization’s ability to mitigate cyber threats before they cause harm. Potential risk refers to vulnerabilities that, if left unaddressed, could lead to an attack. Kinetic risk, on the other hand, represents the perilous tipping point at which that vulnerability has been exploited, causing actual damage—data breaches, ransomware attacks, or system downtimes. But how do organizations understand when potential risk transforms into kinetic risk?