Verizon Enterprise Solutions

Data Breach Digest:
Cybercrime Case Studies

Real-world investigations for real insight.
Read about the biggest security threats you face.

For 11 years, Verizon has analyzed hundreds of thousands
of real-world incidents and data breaches. Here are some
of our most interesting cases to help security professionals
better understand what they’re up against.

 

Scenario 1:
Cloud storming - the Slivered Lining

Just because your data is backed up in the cloud, that doesn’t mean it’s safe. It can still be compromised, stolen and held to ransom.

In this scenario, a company faced a loss of business continuity when it couldn’t get its backup from the cloud.

Scenario 2:
Credential theft - the Monster Cache

Login credentials are a prime target for cybercriminals and can fetch a high price on the Dark Net - are yours fully protected?

Learn how criminals are targeting your organization, how to respond if accounts are compromised, and how to prevent future attacks.

Scenario 3:
Insider threat - the Card Shark

Is your network as secure as you think? You may be protected from outside threats, but have you considered the internal ones?

In this investigation, see how access from the inside led one cybercriminal to misuse payment card data for their own financial gain.

Scenario 4:
Crypto-jacking Malware - the Peeled Onion

Sometimes attackers care less about your proprietary information and more about your processing power - using it to mine cryptocurrency.

This incident demonstrated how a strong firewall can be undone by missed security patches, and a client’s system exploited by miners.

Scenario 5:
Cyberespionage - the ‘Katz-Skratch’ Fever

“Mimikatz” is a credential theft tool favored by particular nation-states to scrape memory of processes responsible for authentication.

See how investigators found the problem in this scenario, and how further training can help protect you from similar attacks.

Scenario 6:
eCommerce breach - the Flutterby Effect

Frozen, or broken, online payment pages are more than just an annoyance to customers - they could be a sign of a breach.

In this case, a checkout page sent payment card data to an external domain - thanks to five lines of code that shouldn’t have been there.

Scenario 7:
ICS attack - the Eclectic Slide

Your industrial control systems are a prime target for criminals - are you able to protect them if your network is compromised?

Something as innocent as a Word document sent via email was enough to compromise the network and disrupt operations in this scenario.

Scenario 8:
Identity theft - the Achilles Steal

Identity theft is still as prevalent as ever - and with so many connected devices, criminals have even more avenues to access your data.

Malicious email attachments and compromised tablets were to blame for the identity theft in this investigation.

Scenario 9:
PoS intrusion - the Faux PoS

Most businesses rely on third parties, especially for payments. But have you performed adequate checks on their security compliance?

If a vendor is compromised, you could be too. That’s exactly what happened in this investigation thanks to an unsecure PoS system.

Scenario 10:
Supply-chain reaction - the Whole Enchilada

Attacks can start in the supply chain, before you own a system. But if scans reveal nothing abnormal, how can you find the problem?

In this case, investigators had to dive all the way into the firmware to discover where the culprit was hiding - and how it got there.

Scenario 11:
Social engineering - the Spiked Punch

When it comes to finances, it’s important that your employees remain vigilant at all times - are yours performing adequate checks?

Trying to pay invoices on time meant one employee failed to perform adequate security checks and handed over the cash in this scenario.

Scenario 12:
Twended attack - the Bedeviled Egg

Your network may be safe from external threats - but what if a disgruntled employee used their privileged access to wreak havoc?

A recently terminated employee was to blame for this breach, using their access rights to introduce malware and steal data.

Scenario 13:
Web app attack - the Tuple-Row Honey

Is your business running legacy web applications? They could be the vulnerability cybercriminals are looking for.

A recruitment hackathon using legacy web apps gave a cybercriminal the opportunity to steal personally identifiable information.

Scenario 14:
Wi-Fi compromise - the Evil Twin

Don’t wait to be a victim of a cyberattack before you re-evaluate your defenses - penetration tests now could save you in the future.

Penetration tests exposed many weaknesses in this company’s wireless network - luckily it wasn’t real criminals trying to get in.

Scenario 15:
Third-party palooza - the Minus Touch

If you use a co-location data center, you need to know who does what in the event of a data breach - and how this impacts investigations.

This incident shows how a third party can complicate an investigation and cause precious delays to incident response times.

Scenario 16:
False alarm - the Exposed Flank

If your users were locked out of their accounts, you’d assume the worst. But what if your cyberattack isn’t an attack at all?

In this case, what looked like a distributed denial of service attack locking users out was actually overzealous penetration testing.

Scenario 17:
Telephonic pretexting - the Double Fake

If you got a call from a senior executive asking for help logging in, you’d help them. But what if they’re not who they say they are?

In this scenario, the IT help desk was duped into handing out confidential information by a criminal claiming to be a senior executive.

Scenario 18:
Digital hijacking - the Crossed Wires

To limit the impact of a data breach, you need to act quickly and investigate. But don’t jump to conclusions.

In this case, everything pointed to an inside job. But accountants had been tricked into installing malware.

 
