IN THE NEWS
October 12, 2022
How to build effective threat monitoring and access management in OT cybersecurity – webinar
Implementing an effective Operational technology (OT) security program is a fundamental step that organizations and critical infrastructure should be taking. What specifics do ICS attacks have? And what are the key elements of an effective OT cybersecurity strategy?
September 30, 2022
Zero Trust model: key principles, implementation, and possible challenges
The number of cyber threats in the world is growing dramatically. In such conditions, businesses need not only to respond to existing cyber challenges, but also to act in advance. One of the possible solutions is to implement Zero Trust cybersecurity model (in Ukrainian)
September 9, 2022
The main types of phishing attacks. How can organizations protect themselves from intruders?
Phishing attacks are one of the most common cybercrimes. They can be divided depending on the target audience (a victim targeted by an attack), or on a platform used for fraud (mail, voice messages, SMS). How to protect your business from phishing campaigns? (in Ukrainian)
August 29, 2022
Corporate cyber hygiene: What are the risks of using employees' personal devices in the workplace and how to minimize them?
The practice when employees can use their own gadgets (laptops, tablets and smartphones) at work is called BYOD (Bring Your Own Device). What are the cyber risks of such a practice and how can organizations protect themselves from the possible penetration via non-corporate devices? (in Ukrainian)
July 13, 2022
How ISSP increases the level of cyber hygiene of critical infrastructure employees in Ukraine and why it is so important
ISSP and the International Cyber Academy, with the support of international partners, are implementing an educational project aimed to assess and improve the level of cyber hygiene of critical infrastructure operators in Ukraine (in Ukrainian).
June 8, 2022
At Collision for the second time: ISSP presents innovative cyber solutions at the largest North American tech conference
ISSP as an international full cycle professional cybersecurity company is one of the official partners of the Ukrainian delegation at Collision – the fastest-growing tech conference in North America.
This impressive business event brings together more than 1,250 startups and 800 investors from 140 countries.
September 10, 2021
Addressing cybersecurity in a holistic manner with ISSP Cybersecurity Preparedness Framework
At the Polish-Ukrainian webinar on security, hybrid threats and human rights on 7-8 September 2021 Oleh Derevianko, Chairman & CVO of ISSP shared with the Polish and Ukrainian audience the ISSP Cybersecurity Preparedness Framework (CPF) – a holistic approach to cybersecurity, resilience, and countering cybercrime. It is a management and technology framework developed by ISSP’s cybersecurity experts to reduce short- and long-term vulnerabilities, build cybersecurity capacity and strengthen cybersecurity resilience of critical infrastructure operators.
November 25, 2021
Cyber attack in real time. Why business can't miss Grid Netwars?
The SANS Netwars Tournament is a unique learning opportunity where cyber specialists may sharpen methods, tactics and techniques of conducting cyber investigations and countering cyber attacks in real-time format (in Ukrainian).
July 14, 2021
ISSP Offers Cybersecurity Solution for Startups
ISSP is offering a new Cybersecurity for Startups solution that includes tailored incident detection, vulnerability management, and threat hunting services. These services are customized for each customer based on analysis of their business and a top-level audit of their cybersecurity posture and are augmented by continuous virtual CISO and consulting services.
June 23, 2021
3 Reasons You Can’t Fully Trust Your Security Tools
And What You Can Do about It
The recent Mandiant Security Effectiveness Report 2020 released by FireEye shows that companies are at much greater risk than they realize.
Organizations make significant investments in security infrastructure, hire and train cybersecurity teams, and put processes in place to protect critical assets. But research shows that without evidence of security performance, organizations are operating on assumptions that don’t match reality and leave them with significant risks.
February 18, 2021
Cyber Hygiene Development in 2021
In 2020, the issue of cyberhygiene received new life. There is growing awareness that the first firewall in the security system is human. It is the employee who is the boundary that may or may not allow a hacker into the infrastructure. Therefore, cyberhygiene skills are no longer optional, and cyberhygiene has been raised to the level of a key practice in which employees must constantly be trained. It’s no longer a one-time exercise but constant preparation for a marathon.
June 25, 2020
A Cybersecure Way to Return to the Office after Lockdown
When the coronavirus pandemic started and companies sent their employees to work from home, it gave hackers new opportunities to penetrate corporate networks. Information security services in many organizations faced new threats as staff left the protected perimeter. Now that governments worldwide are gradually lifting restrictions and employees are starting to return to their offices, additional opportunities arise for hackers and security departments are in for new challenges.
April 19, 2020
Secure Remote Work Solutions
During the time when employees work remotely, it is necessary to ensure the safety of work processes and data protection and at the same time provide employees with the opportunity to work in the most comfortable conditions, share information with colleagues, arrange meetings and carry out joint work on complex projects. ISSP offers comprehensive and effective secure remote work solutions and services.
March 19, 2020
ISSP Continues Operations in Face of COVID-19 Epidemic
In the face of the COVID-19 epidemic, we want to assure all our customers and partners that the ISSP team continues to operate in accordance with our emergency action plan and maintains the highest level of protection and security of your company's information networks and systems.
Despite the likelihood of increasing number of cyber attacks (APT and phishing attacks), all ISSP services are fully operational, and we continue to provide you with the highest quality services.
November 10, 2019
It is Time to Use Video Surveillance in Cyberspace
When organizations wish to protect themselves against cyber threats, they integrate certain technologies, engage experts, and order cyber security services. But this is not enough. Filing a lawsuit with a court and having offenders punished should be the real response to cybercrimes and cyber wars. Cybersecurity is only about prevention whereas digital forensics is about liability for damages caused to individuals, businesses or states. And this also implies the punishment for cyberattacks, cybercrimes, and cyber wars.
October 30, 2019
Cyberattack on Georgian Websites Explained
“As we can see, this was not a coordinated attack on many targets but a breach of one web hosting provider's infrastructure. This is a typical example of a supply-chain attack. IT-service providers are always very attractive targets for cyberattacks. If we remember NotPetya, that attack also started with the breach of the infrastructure of a software developer, whose product was used by hundreds of thousands of other companies.”
September 24, 2019
ISSP долучилася до створення національної Коаліції цифрової трансформації
В рамках Коаліції цифрової трансформації компанія ISSP братиме участь у проектах, спрямованих на поширення інформації про сучасні цифрові технології, створення інфраструктури, необхідної для набуття та покращення цифрових навичок молоді та суспільства загалом, та розвиток міжнародної співпраці у сфері цифрових технологій і кібербезпеки.
September 4, 2019
ISSP Presents at National Asset-Liability Management Asia Conference in Singapore
Oleksander Sirotin, Critical Infrastructure Program Manager, ISSP, will speak about understanding the risk of banking in the age of cyber crime and will share the latest methods and evolution of financial fraud as well as efficient tools for fraud prevention and compromise assessment in complex financial institutions.
August 14, 2019
Two Years After NotPetya. Cyberattacks Never Stop for a Moment
Today at ISSP, we keep witnessing how adversaries keep trying and testing new cyberattack technologies, tactics, techniques, and procedures while attacking both private and public sector organizations, new breaches happen regularly, and attackers keep capturing infrastructure targets that are of interest for them.
June 27, 2019
ISSP Chairman Oleh Derevianko Spoke at Behind the Digital Curtain Conference in Brussels
The conference brought together experts in the fields of cyber security, politics and civil society from Ukraine and different European countries who discussed what can potential cyber impact on the elections in Ukraine and in Europe be, whether governments and private companies are likely to discover and attribute cyber operations, what the vulnerabilities of internet of things and devices that control critical infrastructure are and other issues.
May 20, 2019
Case Study Ukraine: A Look at the Laboratory for Cyber War Presented at Berlin CyberSecurityForum
On May 16-17 Oleh Derevianko, Co-Founder and Chairman of the Board of ISSP, participated at The Aspen Institute Germany's Berlin CyberSecurityForum where he spoke at the opening panel discussion about the Great Cyber Game as well as delivered one hour break-out session entitled „Case Study – Ukraine: A Look at the Laboratory for Cyber War“.
May 2, 2019
ISSP Participated in Fortinet Security Day 2019 in Kyiv
Having more than 20 years of experience in APT detection, cyber-attack investigations, malware analysis and threat hunting, Oleksiy Yasinskiy, Head of ISSP Labs & Research Center, was involved in the investigation of some of the world’s most sophisticated cyber-attacks. Based on his experience he argued that traditionally organizations tend to focus on protecting the perimeter of their information and communication systems, but cyber criminals eventually breach every layer of defense, and protection from intrusion becomes virtually impossible.
April 22, 2019
ISSP Becomes Forcepoint Platinum Partner
ISSP has been working in partnership with Forcepoint for 10 years and has built a wealth of skills and experience around Forcepoint solutions.
“We know exactly how Forcepoint technologies meet the needs of our customers”, says Roman Sologub, ISSP CEO. “In the recent years, our experts have reached the top level of technical expertise by implementing Forcepoint Platform in numerous integration projects”.
April 4, 2019
LE MONDE - Ukraine, Favorite Target of Russian
Hackers (in French)
According to a report recently provided to the World by the Ukrainian Prime Minister, Volodymyr Hroisman, about 10% of the computers of the country's companies were destroyed on this occasion, 1,500 companies and organizations reported themselves as victims. A report likely underestimated according to the firm Information Systems Security Partners (ISSP), which studied the damage closely and saw a "massive and coordinated cyberinvasion". Eight months later, the United States and their closest allies have confirmed the diagnosis of most analysts and observers: Russia is responsible for "the most destructive and costly cyber attack in history".
February 15, 2019
POLITICO - How Ukraine Became A Test Bed For Cyberweaponry
To see the warfare of the future, head to the top floor of a nondescript office tower on a potholed street on the scruffy outskirts of Ukraine’s capital. There, next to a darkened conference room, engineers sit at dark gray monitors, waging war with lines of code.
“Attacks are happening every day,” says Oleh Derevianko, founder of the Ukrainian cybersecurity firm that employs them, Information Systems Security Partners. “We never thought we were going to be the front line of cyber and hybrid war.”
October 12, 2018
How Can an Organization Understand if It Is Under Attack or at Risk?
Every company must accept the fact that cyber criminals will eventually breach its defense perimeter. It is obvious simply because they have an unlimited number of tries and methods to avoid systems of active perimeter defense. And before they are detected attackers remain inside an organization’s infrastructure for 160-469 days. The process of detecting intruders is generally rather complex, time and resource consuming. Therefore, telling if an organization is compromised is rather challenging.
June 22, 2018
WIRED - The Untold Story Of NotPetya, The Most Devastating Cyberattack In History
OLEKSII YASINSKY EXPECTED a calm Tuesday at the office. It was the day before Ukraine’s Constitution Day, a national holiday, and most of his coworkers were either planning their vacations or already taking them. But not Yasinsky. For the past year he’d been the head of the cyber lab at Information Systems Security Partners, a company that was quickly becoming the go-to firm for victims of Ukraine’s cyberwar. That job description didn’t lend itself to downtime. Since the first blows of Russia’s cyberattacks hit in late 2015, in fact, he’d allowed himself a grand total of one week off.
July 4, 2017
BBC Future - The Day a Mysterious Cyber-Attack Crippled Ukraine
On the morning of Tuesday, 27 June, Oleh Derevianko, the head of Kiev-based cybersecurity firm Information Systems Security Partners (ISSP), was at Bessarabska market, a popular food market in the heart of downtown. Derevianko was picking up a few things before heading out for the 300km drive to his parents’ village. Wednesday was constitution day in Ukraine, a national holiday, and he’d be using the mid-week break to spend a couple days with his kids. The kids usually spend two months of their summer holidays at their grandparents’ village home, so this was a rare chance for some summer fun together.
June 20, 2017
WIRED - How an Entire Nation Became Russia's Test Lab for Cyberwar
The clocks read zero when the lights went out.
It was a Saturday night last December, and Oleksii Yasinsky was sitting on the couch with his wife and teenage son in the living room of their Kiev apartment. The 40-year-old Ukrainian cybersecurity researcher and his family were an hour into Oliver Stone’s film Snowden when their building abruptly lost power.
September 10, 2021
Addressing cybersecurity in a holistic manner with ISSP Cybersecurity Preparedness Framework
At the Polish-Ukrainian webinar on security, hybrid threats and human rights on 7-8 September 2021 Oleh Derevianko, Chairman & CVO of ISSP shared with the Polish and Ukrainian audience the ISSP Cybersecurity Preparedness Framework (CPF) – a holistic approach to cybersecurity, resilience, and countering cybercrime. It is a management and technology framework developed by ISSP’s cybersecurity experts to reduce short- and long-term vulnerabilities, build cybersecurity capacity and strengthen cybersecurity resilience of critical infrastructure operators.
September 10, 2021
Addressing cybersecurity in a holistic manner with ISSP Cybersecurity Preparedness Framework
At the Polish-Ukrainian webinar on security, hybrid threats and human rights on 7-8 September 2021 Oleh Derevianko, Chairman & CVO of ISSP shared with the Polish and Ukrainian audience the ISSP Cybersecurity Preparedness Framework (CPF) – a holistic approach to cybersecurity, resilience, and countering cybercrime. It is a management and technology framework developed by ISSP’s cybersecurity experts to reduce short- and long-term vulnerabilities, build cybersecurity capacity and strengthen cybersecurity resilience of critical infrastructure operators.
September 10, 2021
Addressing cybersecurity in a holistic manner with ISSP Cybersecurity Preparedness Framework
At the Polish-Ukrainian webinar on security, hybrid threats and human rights on 7-8 September 2021 Oleh Derevianko, Chairman & CVO of ISSP shared with the Polish and Ukrainian audience the ISSP Cybersecurity Preparedness Framework (CPF) – a holistic approach to cybersecurity, resilience, and countering cybercrime. It is a management and technology framework developed by ISSP’s cybersecurity experts to reduce short- and long-term vulnerabilities, build cybersecurity capacity and strengthen cybersecurity resilience of critical infrastructure operators.
September 10, 2021
Addressing cybersecurity in a holistic manner with ISSP Cybersecurity Preparedness Framework
At the Polish-Ukrainian webinar on security, hybrid threats and human rights on 7-8 September 2021 Oleh Derevianko, Chairman & CVO of ISSP shared with the Polish and Ukrainian audience the ISSP Cybersecurity Preparedness Framework (CPF) – a holistic approach to cybersecurity, resilience, and countering cybercrime. It is a management and technology framework developed by ISSP’s cybersecurity experts to reduce short- and long-term vulnerabilities, build cybersecurity capacity and strengthen cybersecurity resilience of critical infrastructure operators.
September 10, 2021
Addressing cybersecurity in a holistic manner with ISSP Cybersecurity Preparedness Framework
At the Polish-Ukrainian webinar on security, hybrid threats and human rights on 7-8 September 2021 Oleh Derevianko, Chairman & CVO of ISSP shared with the Polish and Ukrainian audience the ISSP Cybersecurity Preparedness Framework (CPF) – a holistic approach to cybersecurity, resilience, and countering cybercrime. It is a management and technology framework developed by ISSP’s cybersecurity experts to reduce short- and long-term vulnerabilities, build cybersecurity capacity and strengthen cybersecurity resilience of critical infrastructure operators.
September 10, 2021
Addressing cybersecurity in a holistic manner with ISSP Cybersecurity Preparedness Framework
At the Polish-Ukrainian webinar on security, hybrid threats and human rights on 7-8 September 2021 Oleh Derevianko, Chairman & CVO of ISSP shared with the Polish and Ukrainian audience the ISSP Cybersecurity Preparedness Framework (CPF) – a holistic approach to cybersecurity, resilience, and countering cybercrime. It is a management and technology framework developed by ISSP’s cybersecurity experts to reduce short- and long-term vulnerabilities, build cybersecurity capacity and strengthen cybersecurity resilience of critical infrastructure operators.
September 10, 2021
Addressing cybersecurity in a holistic manner with ISSP Cybersecurity Preparedness Framework
At the Polish-Ukrainian webinar on security, hybrid threats and human rights on 7-8 September 2021 Oleh Derevianko, Chairman & CVO of ISSP shared with the Polish and Ukrainian audience the ISSP Cybersecurity Preparedness Framework (CPF) – a holistic approach to cybersecurity, resilience, and countering cybercrime. It is a management and technology framework developed by ISSP’s cybersecurity experts to reduce short- and long-term vulnerabilities, build cybersecurity capacity and strengthen cybersecurity resilience of critical infrastructure operators.
July 14, 2021
ISSP Offers Cybersecurity Solution for Startups
ISSP is offering a new Cybersecurity for Startups solution that includes tailored incident detection, vulnerability management, and threat hunting services. These services are customized for each customer based on analysis of their business and a top-level audit of their cybersecurity posture and are augmented by continuous virtual CISO and consulting services.
June 23, 2021
3 Reasons You Can’t Fully Trust Your Security Tools
And What You Can Do about It
The recent Mandiant Security Effectiveness Report 2020 released by FireEye shows that companies are at much greater risk than they realize.
Organizations make significant investments in security infrastructure, hire and train cybersecurity teams, and put processes in place to protect critical assets. But research shows that without evidence of security performance, organizations are operating on assumptions that don’t match reality and leave them with significant risks.
February 18, 2021
Cyber Hygiene Development in 2021
In 2020, the issue of cyberhygiene received new life. There is growing awareness that the first firewall in the security system is human. It is the employee who is the boundary that may or may not allow a hacker into the infrastructure. Therefore, cyberhygiene skills are no longer optional, and cyberhygiene has been raised to the level of a key practice in which employees must constantly be trained. It’s no longer a one-time exercise but constant preparation for a marathon.
June 25, 2020
A Cybersecure Way to Return to the Office after Lockdown
When the coronavirus pandemic started and companies sent their employees to work from home, it gave hackers new opportunities to penetrate corporate networks. Information security services in many organizations faced new threats as staff left the protected perimeter. Now that governments worldwide are gradually lifting restrictions and employees are starting to return to their offices, additional opportunities arise for hackers and security departments are in for new challenges.
April 19, 2020
Secure Remote Work Solutions
During the time when employees work remotely, it is necessary to ensure the safety of work processes and data protection and at the same time provide employees with the opportunity to work in the most comfortable conditions, share information with colleagues, arrange meetings and carry out joint work on complex projects. ISSP offers comprehensive and effective secure remote work solutions and services.
March 19, 2020
ISSP Continues Operations in Face of COVID-19 Epidemic
In the face of the COVID-19 epidemic, we want to assure all our customers and partners that the ISSP team continues to operate in accordance with our emergency action plan and maintains the highest level of protection and security of your company's information networks and systems.
Despite the likelihood of increasing number of cyber attacks (APT and phishing attacks), all ISSP services are fully operational, and we continue to provide you with the highest quality services.
November 10, 2019
It is Time to Use Video Surveillance in Cyberspace
When organizations wish to protect themselves against cyber threats, they integrate certain technologies, engage experts, and order cyber security services. But this is not enough. Filing a lawsuit with a court and having offenders punished should be the real response to cybercrimes and cyber wars. Cybersecurity is only about prevention whereas digital forensics is about liability for damages caused to individuals, businesses or states. And this also implies the punishment for cyberattacks, cybercrimes, and cyber wars.
October 30, 2019
Cyberattack on Georgian Websites Explained
“As we can see, this was not a coordinated attack on many targets but a breach of one web hosting provider's infrastructure. This is a typical example of a supply-chain attack. IT-service providers are always very attractive targets for cyberattacks. If we remember NotPetya, that attack also started with the breach of the infrastructure of a software developer, whose product was used by hundreds of thousands of other companies.”
September 24, 2019
ISSP долучилася до створення національної Коаліції цифрової трансформації
В рамках Коаліції цифрової трансформації компанія ISSP братиме участь у проектах, спрямованих на поширення інформації про сучасні цифрові технології, створення інфраструктури, необхідної для набуття та покращення цифрових навичок молоді та суспільства загалом, та розвиток міжнародної співпраці у сфері цифрових технологій і кібербезпеки.
September 4, 2019
ISSP Presents at National Asset-Liability Management Asia Conference in Singapore
Oleksander Sirotin, Critical Infrastructure Program Manager, ISSP, will speak about understanding the risk of banking in the age of cyber crime and will share the latest methods and evolution of financial fraud as well as efficient tools for fraud prevention and compromise assessment in complex financial institutions.
August 14, 2019
Two Years After NotPetya. Cyberattacks Never Stop for a Moment
Today at ISSP, we keep witnessing how adversaries keep trying and testing new cyberattack technologies, tactics, techniques, and procedures while attacking both private and public sector organizations, new breaches happen regularly, and attackers keep capturing infrastructure targets that are of interest for them.
June 27, 2019
ISSP Chairman Oleh Derevianko Spoke at Behind the Digital Curtain Conference in Brussels
The conference brought together experts in the fields of cyber security, politics and civil society from Ukraine and different European countries who discussed what can potential cyber impact on the elections in Ukraine and in Europe be, whether governments and private companies are likely to discover and attribute cyber operations, what the vulnerabilities of internet of things and devices that control critical infrastructure are and other issues.
May 20, 2019
Case Study Ukraine: A Look at the Laboratory for Cyber War Presented at Berlin CyberSecurityForum
On May 16-17 Oleh Derevianko, Co-Founder and Chairman of the Board of ISSP, participated at The Aspen Institute Germany's Berlin CyberSecurityForum where he spoke at the opening panel discussion about the Great Cyber Game as well as delivered one hour break-out session entitled „Case Study – Ukraine: A Look at the Laboratory for Cyber War“.
May 2, 2019
ISSP Participated in Fortinet Security Day 2019 in Kyiv
Having more than 20 years of experience in APT detection, cyber-attack investigations, malware analysis and threat hunting, Oleksiy Yasinskiy, Head of ISSP Labs & Research Center, was involved in the investigation of some of the world’s most sophisticated cyber-attacks. Based on his experience he argued that traditionally organizations tend to focus on protecting the perimeter of their information and communication systems, but cyber criminals eventually breach every layer of defense, and protection from intrusion becomes virtually impossible.
April 22, 2019
ISSP Becomes Forcepoint Platinum Partner
ISSP has been working in partnership with Forcepoint for 10 years and has built a wealth of skills and experience around Forcepoint solutions.
“We know exactly how Forcepoint technologies meet the needs of our customers”, says Roman Sologub, ISSP CEO. “In the recent years, our experts have reached the top level of technical expertise by implementing Forcepoint Platform in numerous integration projects”.
April 4, 2019
LE MONDE - Ukraine, Favorite Target of Russian
Hackers (in French)
According to a report recently provided to the World by the Ukrainian Prime Minister, Volodymyr Hroisman, about 10% of the computers of the country's companies were destroyed on this occasion, 1,500 companies and organizations reported themselves as victims. A report likely underestimated according to the firm Information Systems Security Partners (ISSP), which studied the damage closely and saw a "massive and coordinated cyberinvasion". Eight months later, the United States and their closest allies have confirmed the diagnosis of most analysts and observers: Russia is responsible for "the most destructive and costly cyber attack in history".
February 15, 2019
POLITICO - How Ukraine Became A Test Bed For Cyberweaponry
To see the warfare of the future, head to the top floor of a nondescript office tower on a potholed street on the scruffy outskirts of Ukraine’s capital. There, next to a darkened conference room, engineers sit at dark gray monitors, waging war with lines of code.
“Attacks are happening every day,” says Oleh Derevianko, founder of the Ukrainian cybersecurity firm that employs them, Information Systems Security Partners. “We never thought we were going to be the front line of cyber and hybrid war.”
October 12, 2018
How Can an Organization Understand if It Is Under Attack or at Risk?
Every company must accept the fact that cyber criminals will eventually breach its defense perimeter. It is obvious simply because they have an unlimited number of tries and methods to avoid systems of active perimeter defense. And before they are detected attackers remain inside an organization’s infrastructure for 160-469 days. The process of detecting intruders is generally rather complex, time and resource consuming. Therefore, telling if an organization is compromised is rather challenging.
June 22, 2018
WIRED - The Untold Story Of NotPetya, The Most Devastating Cyberattack In History
OLEKSII YASINSKY EXPECTED a calm Tuesday at the office. It was the day before Ukraine’s Constitution Day, a national holiday, and most of his coworkers were either planning their vacations or already taking them. But not Yasinsky. For the past year he’d been the head of the cyber lab at Information Systems Security Partners, a company that was quickly becoming the go-to firm for victims of Ukraine’s cyberwar. That job description didn’t lend itself to downtime. Since the first blows of Russia’s cyberattacks hit in late 2015, in fact, he’d allowed himself a grand total of one week off.
July 4, 2017
BBC Future - The Day a Mysterious Cyber-Attack Crippled Ukraine
On the morning of Tuesday, 27 June, Oleh Derevianko, the head of Kiev-based cybersecurity firm Information Systems Security Partners (ISSP), was at Bessarabska market, a popular food market in the heart of downtown. Derevianko was picking up a few things before heading out for the 300km drive to his parents’ village. Wednesday was constitution day in Ukraine, a national holiday, and he’d be using the mid-week break to spend a couple days with his kids. The kids usually spend two months of their summer holidays at their grandparents’ village home, so this was a rare chance for some summer fun together.
June 20, 2017
WIRED - How an Entire Nation Became Russia's Test Lab for Cyberwar
The clocks read zero when the lights went out.
It was a Saturday night last December, and Oleksii Yasinsky was sitting on the couch with his wife and teenage son in the living room of their Kiev apartment. The 40-year-old Ukrainian cybersecurity researcher and his family were an hour into Oliver Stone’s film Snowden when their building abruptly lost power.
June 8, 2022
At Collision for the second time: ISSP presents innovative cyber solutions at the largest North American tech conference
ISSP as an international full cycle professional cybersecurity company is one of the official partners of the Ukrainian delegation at Collision – the fastest-growing tech conference in North America.
This impressive business event brings together more than 1,250 startups and 800 investors from 140 countries.
September 10, 2021
Addressing cybersecurity in a holistic manner with ISSP Cybersecurity Preparedness Framework
At the Polish-Ukrainian webinar on security, hybrid threats and human rights on 7-8 September 2021 Oleh Derevianko, Chairman & CVO of ISSP shared with the Polish and Ukrainian audience the ISSP Cybersecurity Preparedness Framework (CPF) – a holistic approach to cybersecurity, resilience, and countering cybercrime. It is a management and technology framework developed by ISSP’s cybersecurity experts to reduce short- and long-term vulnerabilities, build cybersecurity capacity and strengthen cybersecurity resilience of critical infrastructure operators.
September 10, 2021
Addressing cybersecurity in a holistic manner with ISSP Cybersecurity Preparedness Framework
At the Polish-Ukrainian webinar on security, hybrid threats and human rights on 7-8 September 2021 Oleh Derevianko, Chairman & CVO of ISSP shared with the Polish and Ukrainian audience the ISSP Cybersecurity Preparedness Framework (CPF) – a holistic approach to cybersecurity, resilience, and countering cybercrime. It is a management and technology framework developed by ISSP’s cybersecurity experts to reduce short- and long-term vulnerabilities, build cybersecurity capacity and strengthen cybersecurity resilience of critical infrastructure operators.
September 10, 2021
Addressing cybersecurity in a holistic manner with ISSP Cybersecurity Preparedness Framework
At the Polish-Ukrainian webinar on security, hybrid threats and human rights on 7-8 September 2021 Oleh Derevianko, Chairman & CVO of ISSP shared with the Polish and Ukrainian audience the ISSP Cybersecurity Preparedness Framework (CPF) – a holistic approach to cybersecurity, resilience, and countering cybercrime. It is a management and technology framework developed by ISSP’s cybersecurity experts to reduce short- and long-term vulnerabilities, build cybersecurity capacity and strengthen cybersecurity resilience of critical infrastructure operators.
September 10, 2021
Addressing cybersecurity in a holistic manner with ISSP Cybersecurity Preparedness Framework
At the Polish-Ukrainian webinar on security, hybrid threats and human rights on 7-8 September 2021 Oleh Derevianko, Chairman & CVO of ISSP shared with the Polish and Ukrainian audience the ISSP Cybersecurity Preparedness Framework (CPF) – a holistic approach to cybersecurity, resilience, and countering cybercrime. It is a management and technology framework developed by ISSP’s cybersecurity experts to reduce short- and long-term vulnerabilities, build cybersecurity capacity and strengthen cybersecurity resilience of critical infrastructure operators.
September 10, 2021
Addressing cybersecurity in a holistic manner with ISSP Cybersecurity Preparedness Framework
At the Polish-Ukrainian webinar on security, hybrid threats and human rights on 7-8 September 2021 Oleh Derevianko, Chairman & CVO of ISSP shared with the Polish and Ukrainian audience the ISSP Cybersecurity Preparedness Framework (CPF) – a holistic approach to cybersecurity, resilience, and countering cybercrime. It is a management and technology framework developed by ISSP’s cybersecurity experts to reduce short- and long-term vulnerabilities, build cybersecurity capacity and strengthen cybersecurity resilience of critical infrastructure operators.
September 10, 2021
Addressing cybersecurity in a holistic manner with ISSP Cybersecurity Preparedness Framework
At the Polish-Ukrainian webinar on security, hybrid threats and human rights on 7-8 September 2021 Oleh Derevianko, Chairman & CVO of ISSP shared with the Polish and Ukrainian audience the ISSP Cybersecurity Preparedness Framework (CPF) – a holistic approach to cybersecurity, resilience, and countering cybercrime. It is a management and technology framework developed by ISSP’s cybersecurity experts to reduce short- and long-term vulnerabilities, build cybersecurity capacity and strengthen cybersecurity resilience of critical infrastructure operators.
September 10, 2021
Addressing cybersecurity in a holistic manner with ISSP Cybersecurity Preparedness Framework
At the Polish-Ukrainian webinar on security, hybrid threats and human rights on 7-8 September 2021 Oleh Derevianko, Chairman & CVO of ISSP shared with the Polish and Ukrainian audience the ISSP Cybersecurity Preparedness Framework (CPF) – a holistic approach to cybersecurity, resilience, and countering cybercrime. It is a management and technology framework developed by ISSP’s cybersecurity experts to reduce short- and long-term vulnerabilities, build cybersecurity capacity and strengthen cybersecurity resilience of critical infrastructure operators.
July 14, 2021
ISSP Offers Cybersecurity Solution for Startups
ISSP is offering a new Cybersecurity for Startups solution that includes tailored incident detection, vulnerability management, and threat hunting services. These services are customized for each customer based on analysis of their business and a top-level audit of their cybersecurity posture and are augmented by continuous virtual CISO and consulting services.
June 23, 2021
3 Reasons You Can’t Fully Trust Your Security Tools
And What You Can Do about It
The recent Mandiant Security Effectiveness Report 2020 released by FireEye shows that companies are at much greater risk than they realize.
Organizations make significant investments in security infrastructure, hire and train cybersecurity teams, and put processes in place to protect critical assets. But research shows that without evidence of security performance, organizations are operating on assumptions that don’t match reality and leave them with significant risks.
February 18, 2021
Cyber Hygiene Development in 2021
In 2020, the issue of cyberhygiene received new life. There is growing awareness that the first firewall in the security system is human. It is the employee who is the boundary that may or may not allow a hacker into the infrastructure. Therefore, cyberhygiene skills are no longer optional, and cyberhygiene has been raised to the level of a key practice in which employees must constantly be trained. It’s no longer a one-time exercise but constant preparation for a marathon.
June 25, 2020
A Cybersecure Way to Return to the Office after Lockdown
When the coronavirus pandemic started and companies sent their employees to work from home, it gave hackers new opportunities to penetrate corporate networks. Information security services in many organizations faced new threats as staff left the protected perimeter. Now that governments worldwide are gradually lifting restrictions and employees are starting to return to their offices, additional opportunities arise for hackers and security departments are in for new challenges.
April 19, 2020
Secure Remote Work Solutions
During the time when employees work remotely, it is necessary to ensure the safety of work processes and data protection and at the same time provide employees with the opportunity to work in the most comfortable conditions, share information with colleagues, arrange meetings and carry out joint work on complex projects. ISSP offers comprehensive and effective secure remote work solutions and services.
March 19, 2020
ISSP Continues Operations in Face of COVID-19 Epidemic
In the face of the COVID-19 epidemic, we want to assure all our customers and partners that the ISSP team continues to operate in accordance with our emergency action plan and maintains the highest level of protection and security of your company's information networks and systems.
Despite the likelihood of increasing number of cyber attacks (APT and phishing attacks), all ISSP services are fully operational, and we continue to provide you with the highest quality services.
November 10, 2019
It is Time to Use Video Surveillance in Cyberspace
When organizations wish to protect themselves against cyber threats, they integrate certain technologies, engage experts, and order cyber security services. But this is not enough. Filing a lawsuit with a court and having offenders punished should be the real response to cybercrimes and cyber wars. Cybersecurity is only about prevention whereas digital forensics is about liability for damages caused to individuals, businesses or states. And this also implies the punishment for cyberattacks, cybercrimes, and cyber wars.
October 30, 2019
Cyberattack on Georgian Websites Explained
“As we can see, this was not a coordinated attack on many targets but a breach of one web hosting provider's infrastructure. This is a typical example of a supply-chain attack. IT-service providers are always very attractive targets for cyberattacks. If we remember NotPetya, that attack also started with the breach of the infrastructure of a software developer, whose product was used by hundreds of thousands of other companies.”
September 24, 2019
ISSP долучилася до створення національної Коаліції цифрової трансформації
В рамках Коаліції цифрової трансформації компанія ISSP братиме участь у проектах, спрямованих на поширення інформації про сучасні цифрові технології, створення інфраструктури, необхідної для набуття та покращення цифрових навичок молоді та суспільства загалом, та розвиток міжнародної співпраці у сфері цифрових технологій і кібербезпеки.
September 4, 2019
ISSP Presents at National Asset-Liability Management Asia Conference in Singapore
Oleksander Sirotin, Critical Infrastructure Program Manager, ISSP, will speak about understanding the risk of banking in the age of cyber crime and will share the latest methods and evolution of financial fraud as well as efficient tools for fraud prevention and compromise assessment in complex financial institutions.
August 14, 2019
Two Years After NotPetya. Cyberattacks Never Stop for a Moment
Today at ISSP, we keep witnessing how adversaries keep trying and testing new cyberattack technologies, tactics, techniques, and procedures while attacking both private and public sector organizations, new breaches happen regularly, and attackers keep capturing infrastructure targets that are of interest for them.
June 27, 2019
ISSP Chairman Oleh Derevianko Spoke at Behind the Digital Curtain Conference in Brussels
The conference brought together experts in the fields of cyber security, politics and civil society from Ukraine and different European countries who discussed what can potential cyber impact on the elections in Ukraine and in Europe be, whether governments and private companies are likely to discover and attribute cyber operations, what the vulnerabilities of internet of things and devices that control critical infrastructure are and other issues.
May 20, 2019
Case Study Ukraine: A Look at the Laboratory for Cyber War Presented at Berlin CyberSecurityForum
On May 16-17 Oleh Derevianko, Co-Founder and Chairman of the Board of ISSP, participated at The Aspen Institute Germany's Berlin CyberSecurityForum where he spoke at the opening panel discussion about the Great Cyber Game as well as delivered one hour break-out session entitled „Case Study – Ukraine: A Look at the Laboratory for Cyber War“.
May 2, 2019
ISSP Participated in Fortinet Security Day 2019 in Kyiv
Having more than 20 years of experience in APT detection, cyber-attack investigations, malware analysis and threat hunting, Oleksiy Yasinskiy, Head of ISSP Labs & Research Center, was involved in the investigation of some of the world’s most sophisticated cyber-attacks. Based on his experience he argued that traditionally organizations tend to focus on protecting the perimeter of their information and communication systems, but cyber criminals eventually breach every layer of defense, and protection from intrusion becomes virtually impossible.
April 22, 2019
ISSP Becomes Forcepoint Platinum Partner
ISSP has been working in partnership with Forcepoint for 10 years and has built a wealth of skills and experience around Forcepoint solutions.
“We know exactly how Forcepoint technologies meet the needs of our customers”, says Roman Sologub, ISSP CEO. “In the recent years, our experts have reached the top level of technical expertise by implementing Forcepoint Platform in numerous integration projects”.
April 4, 2019
LE MONDE - Ukraine, Favorite Target of Russian
Hackers (in French)
According to a report recently provided to the World by the Ukrainian Prime Minister, Volodymyr Hroisman, about 10% of the computers of the country's companies were destroyed on this occasion, 1,500 companies and organizations reported themselves as victims. A report likely underestimated according to the firm Information Systems Security Partners (ISSP), which studied the damage closely and saw a "massive and coordinated cyberinvasion". Eight months later, the United States and their closest allies have confirmed the diagnosis of most analysts and observers: Russia is responsible for "the most destructive and costly cyber attack in history".
February 15, 2019
POLITICO - How Ukraine Became A Test Bed For Cyberweaponry
To see the warfare of the future, head to the top floor of a nondescript office tower on a potholed street on the scruffy outskirts of Ukraine’s capital. There, next to a darkened conference room, engineers sit at dark gray monitors, waging war with lines of code.
“Attacks are happening every day,” says Oleh Derevianko, founder of the Ukrainian cybersecurity firm that employs them, Information Systems Security Partners. “We never thought we were going to be the front line of cyber and hybrid war.”
October 12, 2018
How Can an Organization Understand if It Is Under Attack or at Risk?
Every company must accept the fact that cyber criminals will eventually breach its defense perimeter. It is obvious simply because they have an unlimited number of tries and methods to avoid systems of active perimeter defense. And before they are detected attackers remain inside an organization’s infrastructure for 160-469 days. The process of detecting intruders is generally rather complex, time and resource consuming. Therefore, telling if an organization is compromised is rather challenging.
June 22, 2018
WIRED - The Untold Story Of NotPetya, The Most Devastating Cyberattack In History
OLEKSII YASINSKY EXPECTED a calm Tuesday at the office. It was the day before Ukraine’s Constitution Day, a national holiday, and most of his coworkers were either planning their vacations or already taking them. But not Yasinsky. For the past year he’d been the head of the cyber lab at Information Systems Security Partners, a company that was quickly becoming the go-to firm for victims of Ukraine’s cyberwar. That job description didn’t lend itself to downtime. Since the first blows of Russia’s cyberattacks hit in late 2015, in fact, he’d allowed himself a grand total of one week off.
July 4, 2017
BBC Future - The Day a Mysterious Cyber-Attack Crippled Ukraine
On the morning of Tuesday, 27 June, Oleh Derevianko, the head of Kiev-based cybersecurity firm Information Systems Security Partners (ISSP), was at Bessarabska market, a popular food market in the heart of downtown. Derevianko was picking up a few things before heading out for the 300km drive to his parents’ village. Wednesday was constitution day in Ukraine, a national holiday, and he’d be using the mid-week break to spend a couple days with his kids. The kids usually spend two months of their summer holidays at their grandparents’ village home, so this was a rare chance for some summer fun together.
June 20, 2017
WIRED - How an Entire Nation Became Russia's Test Lab for Cyberwar
The clocks read zero when the lights went out.
It was a Saturday night last December, and Oleksii Yasinsky was sitting on the couch with his wife and teenage son in the living room of their Kiev apartment. The 40-year-old Ukrainian cybersecurity researcher and his family were an hour into Oliver Stone’s film Snowden when their building abruptly lost power.