See what caught the eyes of Cyber Resilience Insights readers this quarter.

GettyImages-915741300.jpg

With the first quarter of 2019 drawing to a close, we wanted to provide you a one-stop shop for the most-read new content we've posted on Cyber Resilience Inights so far. Below you find links and summaries for the 10 most-read blogs of the first quarter of 2019. 

We hope that you'll revisit content you have have come across already or find something new and insightful as you consider how best to navigate your cyber resilience journey.

We thank you for your readership and continued support as we turn the corner from winter into spring.

Reminder: if you haven't subscribed to Cyber Resilience Insights yet, you're missing out on a weekly roundup of all our content. You can sign up here. It's as simple as typing in your email address and hitting "Subscribe Now." That's it. It'll be the easiest thing you do all day.

Now, onto our quarterly top 10:

2019 Cybersecurity Trends to Watch - Jan. 8

Boris Vaynberg took a look ahead in January to what he expected to be the big cybersecurity trends of the year. The four main ones he identified were phishing campaigns, memory-based exploits, cryptomining and Internet of Things (IoT) security. It will be interesting to look back at the end of 2019 on these areas.

Mimecast Discovers Microsoft Office Product Vulnerability CVE-2019-0560 - Jan. 8

Matthew Gardiner offered a summation of a significant finding in 2018 by the Mimecast Research Labs team that showed Microsoft Office files using ActiveX controls were causing memory leaks. Microsoft issued the above CVE number in response and patched the vulnerability.

The Return of the Equation Editor Exploit - DIFAT Overflow - March 5

The Mimecast Research Labs team returned in March with a detailed technical analysis of an exploit discovered as part of its research. Mimecast Chief Scientist for Advanced Threat Detection Meni Farjon went on a deep dive of the issue, which chains together a patched memory corruption issue in Word files with a vulnerability in the Object Linking and Embedding file format.

GandCrab Ransomware Attacks Exploit Valentine's Day Weakness - Feb. 14

One more from our Research Labs team: In the run-up to this year’s Valentine’s Day, cybercriminals played on people’s emotions to entice them to click on malicious URLs and open malicious attachments. They did this using the GandCrab ransomware-as-a-service kit, and Josh Douglas provided a rundown of the details.

March Email Security Risk Assessment Report: A Focus on Office 365 - March 6

Our 8th Email Security Risk Assessment (ESRA) report was released at the beginning of March, and for the blog this time around, Matthew Gardiner focused on the results as they related to performance of the Microsoft Office 365™ email security service. You might be surprised at what the services misses.

How Do You Roll Out a Threat Intelligence Program? - Jan. 22

Cyber Resilience Think Tank member Malcolm Harkins provided expert insight on what it takes for organizations to roll out programs related to cyber threat intelligence. He offered a four-part methodology any organization can follow to get started.

New Year, New Prices: Bridging the Cyber Divide - Jan. 31

In the January edition of his blog series on helping non-technical people in an organization understand the importance of cyber resilience, our COO Ed Jennings examined how companies should evaluate their security vendors on an annual basis and make them earn your money.

Understanding Threat Intelligence: Seeing Beyond Indicators of Compromise - March 5

What is cyber threat intelligence? It can't be just about subscribing to multiple data feeds and hoping for the best. In this post introducing the way Mimecast promises to approach threat intelligence, Josh Douglas argues for a more wholistic approach and using multiple tactics to achieve the goals set forth by threat intelligence.

Threat Intelligence for the 99% - Part 8: Final Thoughts & Takeaways - Feb. 20

This post from Marc French was the last in our eight-part series on how any organization can approach threat intelligence and roll out their own program. His big takeaways including: choosing feeds wisely, constantly checking your work, reporting on your success and sharing what you find.

Email Security for the Healthcare Industry: Time For a Checkup? - Feb. 11

Matthew Gardiner pulled the numbers from the December ESRA report to show that email security systems for healthcare organizations are lacking behind their peers at a time when attacks continue to rise.

Want more great articles like this?Subscribe to our blog.

Get all the latest news, tips and articles delivered right to your inbox

You may also like:

The Return of the Equation Editor Exploit – DIFAT Overflow

The latest from Mimecast Research Labs. …

The latest from Mimecast Research Labs. Summary In the last… Read More >

Meni Farjon

by Meni Farjon

Chief Scientist for Advanced Threat Detection

Posted Mar 01, 2019

The Evolution of CISO Strategies

How has the CISO role changed through th…

How has the CISO role changed through the years? Charles Da… Read More >

Boris Vaynberg

by Boris Vaynberg

VP and GM for Advanced Threat Detection

Posted Mar 15, 2019

The 10 Most-Read Cyber Resilience Insights Blogs of 2018

A look back at the year in cyber resilie…

A look back at the year in cyber resilience. Before we turn… Read More >

Jake O'Donnell

by Jake O'Donnell

Global Editorial Content Manager

Posted Dec 18, 2018