BLOG

Insights from the ArmorPoint team.

Threat research, operational playbooks, and security leadership.

142 results · Page 7 of 12

Articles

How to Detect and Prevent Insider Threats

Insider threats, whether malicious or unintentional, are often more difficult to detect than external attacks and can cause significant financial damage. A proactive defense combines technology like SIEM and user behavior analytics with a comprehensive policy and regular security awareness training.

3 min read · aburgett
Read more →
Articles

Building Cyber Resilience with Scenario-Based Tabletop Exercises

Scenario-based tabletop exercises are crucial for building cyber resilience, as they test and validate an organization’s incident response plans in a simulated attack. These exercises help identify gaps, improve cross-departmental communication, and enhance decision-making under pressure.

5 min read · aburgett
Read more →
Articles

6 Core Components of Effective Phishing Simulation Programs

Effective phishing simulation programs are a vital component of a human-centric security strategy, as they help to assess vulnerabilities and educate employees. These programs should be strategically aligned with organizational goals, use realistic scenarios, and be integrated into a broader security framework for continuous learning and adaptation.

3 min read · aburgett
Read more →
Articles

Balancing Innovation and Security: AI in the Financial Sector

Financial institutions must integrate AI cautiously by balancing innovation with strong cybersecurity controls, including regular audits, risk assessments, and regulatory compliance. A proactive approach is essential to manage AI-related threats such as data leakage, model manipulation, and fraud.

4 min read · aburgett
Read more →
Articles

Selecting a Cybersecurity Consultant: Insights from a Seasoned vCISO

It’s no secret that with the increasing frequency and sophistication of cyber threats, companies are facing mounting pressure to protect their assets, data, and reputation.…

4 min read · aburgett
Read more →
Articles

A FinServ Leader’s Guide to Crafting a Risk Management Program

A robust risk management program for financial institutions must include four key stages: identifying assets and vulnerabilities, assessing risks, mitigating threats, and continuously monitoring for changes. A holistic approach that includes culture, technology, compliance, and incident response is essential for a resilient defense.

4 min read · aburgett
Read more →
Articles

The Role of Threat Intelligence in Security Operation Centers (SOC)

Integrating threat intelligence into a Security Operations Center (SOC) enables a shift from a reactive to a predictive security stance. By leveraging strategic, tactical, operational, and technical intelligence, an SOC can improve threat detection, anticipate risks, and optimize resource allocation.

5 min read · aburgett
Read more →
Articles

Implementing Effective Risk Assessments in FinServ

To combat rising cyber threats, financial institutions must implement effective risk assessments that combine both qualitative and quantitative analysis. These assessments should align with compliance requirements, such as FFIEC and PCI DSS, and result in a clear action plan presented to the board.

6 min read · aburgett
Read more →
Articles

Building a CTEM Framework: Understanding the Validation Stage

The validation stage of a Continuous Threat Exposure Management (CTEM) framework is crucial for a proactive security posture. It involves using a combination of vulnerability scanning, expert penetration testing, and automated breach and attack simulations (BAS) to continuously test and validate the effectiveness of security controls.

6 min read · aburgett
Read more →
Articles

Understanding Advanced Endpoint Protection

Traditional antivirus software is no longer sufficient; organizations need Advanced Endpoint Protection (AEP) that integrates EDR and XDR capabilities. AEP uses AI, machine learning, and behavioral analysis for real-time, proactive threat detection and response, offering a more dynamic defense against modern cyber threats.

4 min read · aburgett
Read more →
Articles

Automated Penetration Testing Services: 5 Things to Know Before You Buy

Automated penetration testing uses software to simulate attacks and identify vulnerabilities efficiently. Before purchasing, consider your organizational needs, evaluate vendors, ensure the tool integrates with existing security infrastructure, plan for staff training, and assess the cost-benefit ratio to make an informed decision.

8 min read · aburgett
Read more →
Articles

MDR vs. EDR: Key Differences and How to Choose the Best Solution

EDR provides endpoint-focused tools for threat detection and response, often requiring an in-house team to manage. MDR, a more holistic solution, combines technology with human expertise to offer 24/7 proactive monitoring, threat hunting, and incident response across the entire IT environment.

3 min read · aburgett
Read more →