October 14, 2021
ISSP co-organizes "Cybersecurity Challenges in Ukraine & Globally" roundtable in Washington
Last week, ISSP CEO Roman Sologub and Chairman of the Board Oleh Derevianko participated in a roundtable in Washington, D.C., titled “Cybersecurity Challenges in Ukraine and Globally – Lessons learned from recent cyber-attacks in Ukraine.” The roundtable was organized by the U.S.-Ukraine Business Council (USUBC) in partnership with ISSP.
During the discussion, Roman Sologub and Oleh Derevianko shared what ISSP learned as an investigator of and the first responder to some of the most devastating cyberattacks against critical infrastructure in Ukraine.
September 10, 2021
Addressing Cybersecurity in a Holistic Manner with ISSP Cybersecurity Preparedness Framework
The ISSP CPF was developed based on 12 years of working in cybersecurity domain, including on the frontlines of modern cyber war in Eastern Europe, and hundreds of projects ISSP implemented with private and public customers and partners globally. The framework is applicable to cybersecurity preparedness assessment and improvement at the level of individual organizations, for the whole industries as well as national cybersecurity. It is currently used by USAID Cybersecurity for Critical Infrastructure in Ukraine Activity, a 4-year program with the purpose to strengthen the resilience of Ukraine’s critical infrastructure from cyberattacks.
June 15, 2021
ISSP Offers Cybersecurity Solution for Startups
ISSP is offering a new Cybersecurity for Startups solution that includes tailored incident detection, vulnerability management, and threat hunting services. These services are customized for each customer based on analysis of their business and a top-level audit of their cybersecurity posture and are augmented by continuous virtual CISO and consulting services.
The Cybersecurity for Startups solution involves onboarding to the ISSP Security Operations Center (SOC), which works as an extension of a customer’s IT department or security team. It is the job of SOC experts to detect anomalies, identify known adversarial techniques, and hunt for indicators of compromise.
May 4, 2021
3 Reasons You Can’t Fully Trust Your Security Tools
And What You Can Do about It
How well are organizations protecting themselves against cyber threats and what is the overall effectiveness of their security infrastructure? The recent Mandiant Security Effectiveness Report 2020 released by FireEye shows that companies are at much greater risk than they realize.
Organizations make significant investments in security infrastructure, hire and train cybersecurity teams, and put processes in place to protect critical assets. But research shows that without evidence of security performance, organizations are operating on assumptions that don’t match reality and leave them with significant risks.
January 11, 2021
Three trends in cybersecurity in 2021
Among all types of organizations, banks have been and remain the first in matters of information and cybersecurity, using ever newer technologies, systems, and approaches. Therefore, to find out what information security will look like and how it will be managed tomorrow, we need to look closely at banks. Today, we see that banks’ approaches to cybersecurity are changing. The first trend concerns employees, the second is a paradigm shift in the use of technologies and services, and the third is a change in processes.
November 20, 2020
What if some of your computers survive a cyberattack?
Imagine that your organization becomes the victim of a cyberattack that paralyzes your information systems. Your IT and security departments work hard to bring the damaged infrastructure back to life and discover that around 10% of your computers were unaffected. They might sigh in relief assuming there’s less work to do to mitigate the consequences of the attack. But this is where they can be totally wrong…
August 16, 2020
ISSP Starts Operations in Canada
Information Systems Security Partners (ISSP), the international cybersecurity company called “the go-to firm for the victims of Ukraine’s cyberwar” by Wired, has opened its offices in Toronto and Vancouver, Canada. After nearly two years of market research and preparations in developing local capabilities, the company has started its operations in North America and is ready to offer advanced managed security services to organizations of all sizes within every sector in Canada.
June 26, 2020
A Cybersecure Way to Return to the Office after Lockdown
When the coronavirus pandemic started and companies sent their employees to work from home, it gave hackers new opportunities to penetrate corporate networks. Information security services in many organizations faced new threats as staff left the protected perimeter. Now that governments worldwide are gradually lifting restrictions and employees are starting to return to their offices, additional opportunities arise for hackers and security departments are in for new challenges.
March 19, 2020
ISSP Continues Operations in Face of COVID-19 Epidemic
In the face of the COVID-19 epidemic, we want to assure all our customers and partners that the ISSP team continues to operate in accordance with our emergency action plan and maintains the highest level of protection and security of your company's information networks and systems.
Despite the likelihood of increasing number of cyber attacks (APT and phishing attacks), all ISSP services are fully operational, and we continue to provide you with the highest quality services.
February 10, 2020
SOC for Small & Medium Size Businesses
ISSP Security Operations Center (SOC) offers an advanced threat detection security monitoring service that provides reliable IT infrastructure protection and is available and affordable for small and medium-sized organizations. This service is built around detecting anomalies, identifying known adversarial techniques and hunting for indicators of compromise. It offers all the capabilities of advanced SOC tools and access to an experienced team of analysts and threat hunters for less than the cost of employing one full-time security specialist.
October 30, 2019
Cyberattack on Georgian Websites Explained
“As we can see, this was not a coordinated attack on many targets but a breach of one web hosting provider's infrastructure. This is a typical example of a supply-chain attack. IT-service providers are always very attractive targets for cyberattacks. If we remember NotPetya, that attack also started with the breach of the infrastructure of a software developer, whose product was used by hundreds of thousands of other companies.”
September 4, 2019
ISSP Presents at National Asset-Liability Management Asia Conference in Singapore
Oleksander Sirotin, Critical Infrastructure Program Manager, ISSP, will speak about understanding the risk of banking in the age of cyber crime and will share the latest methods and evolution of financial fraud as well as efficient tools for fraud prevention and compromise assessment in complex financial institutions.
August 14, 2019
Two Years After NotPetya. Cyberattacks Never Stop for a Moment
Today at ISSP, we keep witnessing how adversaries keep trying and testing new cyberattack technologies, tactics, techniques, and procedures while attacking both private and public sector organizations, new breaches happen regularly, and attackers keep capturing infrastructure targets that are of interest for them.
June 27, 2019
ISSP Chairman Oleh Derevianko Spoke at Behind the Digital Curtain Conference in Brussels
The conference brought together experts in the fields of cyber security, politics and civil society from Ukraine and different European countries who discussed what can potential cyber impact on the elections in Ukraine and in Europe be, whether governments and private companies are likely to discover and attribute cyber operations, what the vulnerabilities of internet of things and devices that control critical infrastructure are and other issues.
May 20, 2019
Case Study Ukraine: A Look at the Laboratory for Cyber War Presented at Berlin CyberSecurityForum
On May 16-17 Oleh Derevianko, Co-Founder and Chairman of the Board of ISSP, participated at The Aspen Institute Germany's Berlin CyberSecurityForum where he spoke at the opening panel discussion about the Great Cyber Game as well as delivered one hour break-out session entitled „Case Study – Ukraine: A Look at the Laboratory for Cyber War“.
May 2, 2019
ISSP Participated in Fortinet Security Day 2019 in Kyiv
Having more than 20 years of experience in APT detection, cyber-attack investigations, malware analysis and threat hunting, Oleksiy Yasinskiy, Head of ISSP Labs & Research Center, was involved in the investigation of some of the world’s most sophisticated cyber-attacks. Based on his experience he argued that traditionally organizations tend to focus on protecting the perimeter of their information and communication systems, but cyber criminals eventually breach every layer of defense, and protection from intrusion becomes virtually impossible.
April 22, 2019
ISSP Becomes Forcepoint Platinum Partner
ISSP has been working in partnership with Forcepoint for 10 years and has built a wealth of skills and experience around Forcepoint solutions.
“We know exactly how Forcepoint technologies meet the needs of our customers”, says Roman Sologub, ISSP CEO. “In the recent years, our experts have reached the top level of technical expertise by implementing Forcepoint Platform in numerous integration projects”.
April 4, 2019
LE MONDE - Ukraine, Favorite Target of Russian
Hackers (in French)
According to a report recently provided to the World by the Ukrainian Prime Minister, Volodymyr Hroisman, about 10% of the computers of the country's companies were destroyed on this occasion, 1,500 companies and organizations reported themselves as victims. A report likely underestimated according to the firm Information Systems Security Partners (ISSP), which studied the damage closely and saw a "massive and coordinated cyberinvasion". Eight months later, the United States and their closest allies have confirmed the diagnosis of most analysts and observers: Russia is responsible for "the most destructive and costly cyber attack in history".
February 15, 2019
POLITICO - How Ukraine Became A Test Bed For Cyberweaponry
To see the warfare of the future, head to the top floor of a nondescript office tower on a potholed street on the scruffy outskirts of Ukraine’s capital. There, next to a darkened conference room, engineers sit at dark gray monitors, waging war with lines of code.
“Attacks are happening every day,” says Oleh Derevianko, founder of the Ukrainian cybersecurity firm that employs them, Information Systems Security Partners. “We never thought we were going to be the front line of cyber and hybrid war.”
October 12, 2018
How Can an Organization Understand if It Is Under Attack or at Risk?
Every company must accept the fact that cyber criminals will eventually breach its defense perimeter. It is obvious simply because they have an unlimited number of tries and methods to avoid systems of active perimeter defense. And before they are detected attackers remain inside an organization’s infrastructure for 160-469 days. The process of detecting intruders is generally rather complex, time and resource consuming. Therefore, telling if an organization is compromised is rather challenging.
October 4, 2018
ISSP Chairman Oleh Derevianko Participated at the Atlantic Council’s Global Forum on Strategic Communications
Speaking at the ‘Solving Cyber Threats to Critical Infrastructure’ workshop Oleh Derevianko shared his ideas about what needs to be done to help effectively protect critical infrastructure from the always evolving cyber threats. Having a strong presence in the countries at the front line of cyber and hybrid war, such as Ukraine, and serving both private and public sectors, ISSP provides unique expertise for APT attacks analysis, detection and response.
June 22, 2018
WIRED - The Untold Story Of NotPetya, The Most Devastating Cyberattack In History
OLEKSII YASINSKY EXPECTED a calm Tuesday at the office. It was the day before Ukraine’s Constitution Day, a national holiday, and most of his coworkers were either planning their vacations or already taking them. But not Yasinsky. For the past year he’d been the head of the cyber lab at Information Systems Security Partners, a company that was quickly becoming the go-to firm for victims of Ukraine’s cyberwar. That job description didn’t lend itself to downtime. Since the first blows of Russia’s cyberattacks hit in late 2015, in fact, he’d allowed himself a grand total of one week off.
July 4, 2017
BBC Future - The Day a Mysterious Cyber-Attack Crippled Ukraine
On the morning of Tuesday, 27 June, Oleh Derevianko, the head of Kiev-based cybersecurity firm Information Systems Security Partners (ISSP), was at Bessarabska market, a popular food market in the heart of downtown. Derevianko was picking up a few things before heading out for the 300km drive to his parents’ village. Wednesday was constitution day in Ukraine, a national holiday, and he’d be using the mid-week break to spend a couple days with his kids. The kids usually spend two months of their summer holidays at their grandparents’ village home, so this was a rare chance for some summer fun together.
June 20, 2017
WIRED - How an Entire Nation Became Russia's Test Lab for Cyberwar
The clocks read zero when the lights went out.
It was a Saturday night last December, and Oleksii Yasinsky was sitting on the couch with his wife and teenage son in the living room of their Kiev apartment. The 40-year-old Ukrainian cybersecurity researcher and his family were an hour into Oliver Stone’s film Snowden when their building abruptly lost power.