Why Extended Detection and Response (XDR) and why now?

August 4, 2021 | Tawnya Lancaster
Tawnya Lancaster

Tawnya Lancaster

Tawnya Lancaster has led thought leadership and research in cybersecurity for 10 years. In her role at AT&T, she works across multiple AT&T business units, including AT&T’s Chief Security Office, AT&T Alien Labs™ (the threat intelligence unit of AT&T), Managed Security Services, Professional Services, and R&D, to identify trends in cybersecurity and develop thought leadership content on emerging security technologies and strategies for protecting the enterprise. Recent research includes: the security implications of 5G, edge computing, and IoT; use of machine learning and analytics in threat intelligence; increasing importance of Zero Trust as a strategic approach for security; consolidation of security services in virtualized/cloud environments; measurement of cybersecurity maturity across industries.

August 4, 2021 | Tawnya Lancaster

Why Extended Detection and Response (XDR) and why now?

We in cybersecurity just love new, buzzy acronyms. The latest is “XDR,” otherwise known as extended detection and response. No doubt, you’ve already read an article, watched a webinar, or listened to a podcast on XDR. Jon Olstik and Dave Gruber of cybersecurity research firm, ESG, wrote several articles in the summer of 2020 in which they…

April 7, 2021 | Tawnya Lancaster

Do customers really care about SASE? Absolutely, and here’s why

As IT and security leaders adapt to business operations in the “new normal,” they are simultaneously being charged with priming the business to win in the next era of distributed computing. This involves myriad updates to the business’ IT systems, and in some cases, a comprehensive overhaul for network modernization, cloud migration, and edge design and deployment …

December 8, 2020 | Tawnya Lancaster

Just released! AT&T Cybersecurity Insights™ Report: 5G and the Journey to the Edge

We are certainly in unique times, with COVID driving digital transformation at an unprecedented pace, remote work appearing to be long term, and the specter of new threats looming over security professionals as they strategized how to protect a rapidly changing business and tech landscape.  To use perhaps one too many cliches: it is the best of times, it…

September 23, 2020 | Tawnya Lancaster

IDC MarketScape Names AT&T a Leader in Worldwide Managed Security Services

IDC recently published the IDC MarketScape: Worldwide Managed Security Services 2020 Vendor Assessment, in which primary author Martha Vazquez and team studied 17 organizations that offer MSS globally. The report provides a comprehensive look at MSSP vendors, including AT&T, and how managed security services are evolving to meet the needs of customers today. This is especially relevant as security teams…

August 10, 2020 | Tawnya Lancaster

Cyber threat intelligence explained

The cybersecurity industry is increasingly producing enormous amounts of raw threat data. The sheer volume of information threat researchers must sift through makes it difficult to collect, analyze, and research that data in a timely manner. This in turn limits their ability to understand what data is valid and useful and whether threat artifacts will result in legitimate threat indicators. …

July 1, 2020 | Tawnya Lancaster

New report: COVID-19 Threat Intelligence Insight from the Telco Security Alliance

AT&T Cybersecurity along with three members of the Telco Security Alliance (TSA) published a new report today, “COVID-19 Insight from the Telco Security Alliance.” The report provides insight into some of the threat groups (as well as analysis of their campaigns) that are taking advantage of the global pandemic while nations and organizations are vulnerable. TSA…

June 2, 2020 | Tawnya Lancaster

Threat hunting explained: what is cyber threat hunting?

What is threat hunting? The process of threat hunting involves proactively searching for malware or attackers that are hiding within a network. Rather than simply relying on security solutions or services to detect threats, threat hunting is a predictive element to a layered security strategy, empowering organizations to go on the offensive looking for threats. Threat hunting is typically carried…

May 12, 2020 | Tawnya Lancaster

The relationship between security maturity and business enablement

A seminal report exploring the correlation between cybersecurity and positive business and security outcomes Now more than ever organizations globally want to better understand, manage, and minimize security risks. To achieve this, security leaders should be regularly assessing their processes and programs to gain a sense of their organization’s security maturity, where gaps exist, and what can be…

May 11, 2020 | Tawnya Lancaster

A HIPAA Compliance Checklist

Five steps to ensuring the protection of patient data and ongoing risk management. Maintaining security and compliance with HIPAA, the Health Insurance Portability and Accountability Act, is growing ever more challenging. The networks that house protected health information (PHI or ePHI) are becoming larger and more complex — especially as organizations move data to the cloud. At the same time,…

November 22, 2019 | Tawnya Lancaster

5G is coming, are you prepared?

5G technologies and networks are bringing exciting new possibilities for the enterprise. Many organizations are taking a proactive stance by anticipating the security requirements that will come with the new technology. Given the multifaceted nature of 5G and security, it’s critical for organizations to understand the magnitude of this undertaking.  You can check out a recent blog…

July 9, 2019 | Tawnya Lancaster

A peek into malware analysis tools

So, what is malware analysis and why should I care? With the commercialization of cybercrime, malware variations continue to increase at an alarming rate, and this is putting many a defender on their back foot. Malware analysis — the basis for understanding the inner workings and intentions of malicious programs — has grown into a complex mix of technologies in…

May 1, 2019 | Tawnya Lancaster

Who’s phishing in your cloud? And, some suggestions for detecting it

An example of how to detect platform or service attacks Oh, the places we go . . . with apps in the cloud.   A comprehensive, six-month study released by Proofpoint, in March reports that (oh, to our surprise), attackers are “leveraging legacy protocols and credential dumps to increase the speed and effectiveness of brute …