Informe sobre amenazas a la seguridad empresarial 2021

Cómo los líderes de seguridad y TI pueden utilizar los informes de amenazas para desarrollar sus protocolos de seguridad
Informe sobre amenazas a la seguridad empresarial 2021

How can your organization take action on threat reports?

During the year, cybersecurity companies publish reports, guides and webinars on the most relevant threats. This information can be overwhelming and difficult for security teams to understand, as it is not easy to identify what applies to your organization and what does not. Recently, VerSprite published its Annual Critical Threat Report “Envisions” for 2021, which includes a section for each of the 6 cybersecurity threats that will be most affected by each of the risks mentioned. In this way, the teams Security managers can focus only on mitigation recommendations for risks related to their environment.

In this video, Envisions author Balam Mendoza and VerSprite CEO Tony UcedaVélez discuss the main themes within the report and how IT and security teams should use threat reports when planning their security protocols for this anus. This episode was recorded in English and Spanish for your convenience.

2021 IT and Security Threats for Businesses | Spanish

Discussion topics include:

  • What are the main information security risks for companies that still face challenges with remote work?
  • How can IT administrators and security leaders protect themselves from the increased risks associated with BYOD and IoT devices within the office?
  • Should FinTechs and companies investing in altcoins be concerned about blockchain technology and ransomware attacks?
  • What should we do to prepare against potential attacks on critical infrastructure? (Making reference to healthcare fields and companies with physical supply chains)
  • How can IT and security leaders use reports like this? Who should pay attention to the top 6 cybersecurity threats? What makes Envisions more practical than other reports?


CreateNamedPipeW IDA-Pro Xrefs Popup |  See Sprite Security Research Group



Risk-Based Organizational Threat Modeling

The VerSprites approach to threat modeling is supported by evidence. VerSprite security experts analyze threats against the attack surface of application and network components to identify risks inherent to a company by first understanding the context of what the software, application or network must do to the company or its customers. We also perform penetration and exploitation tests that help to understand what are the threats that exist within the model to validate how likely it is that they will be used against the target company. Matching and relating feasibility to impact allows this methodology to stand out as a highly effective risk-focused threat modeling approach.Learn more →

PASTA Threat Modeling

PASTA Threat Modeling: The Process for Attack Simulation and Threat Analysis

VerSprite leverages our PASTA (Process for Attack Simulation and Threat Analysis) methodology to apply a risk-based approach to threat modeling. This methodology integrates business impact, inherent application risk, trust boundaries among application components, correlated threats, and attack patterns that exploit identified weaknesses from the threat modeling exercises.