Is your Security Operations Center (SOC) truly prepared for today’s evolving threats? A well-functioning SOC is more than just the latest SIEM or SOAR tool—it’s about people, processes, and playbooks working together seamlessly. At TBDCyber, we help organizations evaluate and enhance their SOC programs to ensure compliance, efficiency, and resilience against cyber threats. In this video, Kyle Shubin, Senior Manager at TBDCyber, walks through key areas of a SOC assessment: ✅

Security shouldn’t be an afterthought. Today in this short video, Bahaa Kutub, CISSP, Director at TBDCyber, breaks down why secure software development is critical in today’s threat landscape—and how you can build security in from the start. Too often, organizations scramble to fix vulnerabilities after release—wasting time, money, and risking reputation. But there’s a better way. ✔️ Threat modeling ✔️ Secure coding practices ✔️ Security testing ✔️ Code reviews When these ele

Struggling to scale your third-party risk management program without blowing your budget? In this video, Joe Mendygral, who leads Third-Party Risk at TBDCyber, shares how we helped an organization boost analyst productivity by 250%—without compromising risk insight. How? 🔹 Smarter use of security monitoring tools 🔹 Streamlined surveys for inherent risk + security controls 🔹 Thoughtful automation through existing platforms If you’re trying to assess thousands of vendors eff

Most organizations outsource IT services or MSSPs—but third-party risk often gets overlooked. In this quick video, Joe Mendygral, who leads our TPRM services at TBDCyber, shares how we help clients: ✅ Assess vendors ✅ Identify and remediate risk ✅ Provide clear, actionable reporting ✅ Scale from 10 to 100,000 vendors ✅ Tailor programs to your security framework or unique needs

In this short video, our CISO, Zach Luze, breaks down how DSPM: Maps your sensitive data across repositories Connects with vulnerability management tools to pinpoint high-risk assets Provides leadership with clear expectations and insights for better decision-making

Graeme Payne, Co-Founder and Senior Partner at TBDCyber, shares his thoughts on how CISOs can navigate digital transformation and cyber risk in this short video.

Author: Zach Luze, TBDCyber CISO and Director of Data and Security Architecture Data Security Posture Management (DSPM) is generating buzz with its scalability, advanced classification, and broad coverage. But buying a DSPM solution isn’t a plug-and-play decision—it requires careful evaluation. Here’s what I tell clients to consider before investing. 1. Know what DSPM does– and doesn’t– do DSPM identifies where sensitive data lives, highlights vulnerabilities, and prioritize

Author: Kyle Shubin, Senior Manager TBDCyber Introduction Effective incident management doesn't end with resolving a security breach. It involves a crucial phase known as post-incident response, where organizations reflect on the incident experience and adapt their strategies to improve future defenses. This phase plays a significant role in building organizational resilience. This article underscores the necessary steps organizations should take after resolving a security

Author: Kyle Shubin, Senior Manager Introduction to Timeline Analysis Timeline analysis in digital forensics is a technique for constructing a timeline of events using data extracted during forensic examinations. For instance, in a case of unauthorized access, timeline analysis can reveal the sequence of actions leading up to the breach, the actions taken during the breach, and the actions taken after the breach. This technique is pivotal in understanding the sequence of even

In the ever-evolving cybersecurity landscape, organizations must stay ahead to protect their digital assets and sensitive information. The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) has been a guiding light for businesses seeking a comprehensive approach to managing and improving their cybersecurity posture. With the release of NIST CSF 2.0, organizations are presented with an updated roadmap designed to address the challenges of an in

In the ever-evolving landscape of cybersecurity, it's crucial to ensure that every facet of our defense mechanisms is not just keeping pace with the present but also propelling us into the future. However, when we take a closer look at Third Party Risk Management (TPRM), it's akin to stepping into a time warp where the echoes of 2006 still linger. A time when Spotify was yet to grace our playlists, Saddam Hussein faced trial, the housing bubble burst, and the stock market exp

As technology continues to evolve at a rapid pace, so do the tactics and strategies employed by cybercriminals. In addition to managing...