• Home
  • Authors
  • Sam Curry

About Sam Curry

Sam Curry

Sam Curry is CSO at Cybereason and is a Visiting Fellow at the National Security Institute. Previously, Sam was CTO and CISO for Arbor Networks (NetScout) and was CSO and SVP R&D at MicroStrategy in addition to holding senior security roles at McAfee and CA. He spent 7 years at RSA, the Security Division of EMC as Chief Technologist and SVP of Product. Sam also has over 20 patents in security from his time as a security architect, has been a leader in two successful startups and is a board member of the Cybersecurity Coalition, of SSH Communications and of Sequitur Labs.

All posts by Sam Curry

Attack on Montenegro Further Evidence of Nation-State and Cybercriminal Crossover

Given the reckless attacks on Montenegro, all nations should be on high alert regardless of how close they are geographically or politically to the Ukrainian-Russian conflict. Why else would reports surface that the FBI rushed a team of cybersecurity experts to Montenegro if there wasn't a clear indication of Russian involvement?

September 1, 2022 / 2 minute read

Lapsus$ Activity Betrays Nation-State Motivation

Cybereason CSO Sam Curry talks about the potential threat of cyberattacks from Russia in connection with the invasion of Ukraine and why Russia might engage with external cyber mercenaries to get the job done. ..

April 1, 2022 / 6 minute read

Cybereason Solutions Are Not Impacted by Apache Log4j Vulnerability (CVE-2021-44228)

Cybereason has completed verification that the Apache Log4j vulnerability (CVE-2021-44228) does not affect any Cybereason products or services...

December 10, 2021 / 1 minute read

Zero Trust Race is On: Do You Have the Right Engine?

The automated correlation capabilities within Cybereason Advanced XDR ensures identities, authentication and authorization to cloud accounts, endpoints and devices takes a Zero Trust validation model approach...

November 8, 2021 / 4 minute read

Microsoft Publishes Veiled Mea Culpa Disguised as Research

Microsoft released a report on malicious activity they are attributing to a Russian threat actor that seems to suggest that Microsoft platforms and products were compromised...

October 26, 2021 / 3 minute read

Update Your Apple Devices to Guard Against Pegasus Spyware Attacks

Apple released updates to address no-click zero-day exploits being used to push spyware onto devices of unsuspecting users. Now that the flaws are public, there is greater urgency to apply the updates before other threat actors try to take advantage of them...

September 14, 2021 / 2 minute read

UN Breach Highlights Escalation of Cyber Threats

It is no surprise that the UN would be a cyber attack target, and there is no shame in being attacked. The fact that the attack involved a compromised username and password is the real problem...

September 9, 2021 / 2 minute read

Ransomware Attackers Don’t Take Holidays

Cybereason CSO Sam Curry provides insight on the trend of holiday ransomware attacks and the attack against Howard University over Labor Day weekend...

September 8, 2021 / 2 minute read

Implications of the Alleged State Department Breach

Cybereason CSO Sam Curry shares his thoughts on the alleged cyber attack against the US State Department and the potential implications for cybersecurity for both government agencies and private sector organizations...

August 24, 2021 / 2 minute read

T-Mobile Data Breach Amplifies Larger Cybersecurity Challenge

What is particularly concerning with the breach is the availability of mobile phone IMEI identity numbers tied to each specific customer’s phone - the more info cybercriminals have about you, the more targeted and effective they can make their attack...

August 17, 2021 / 2 minute read

REvil Ransomware Attacks: Implications for Kaseya, MSPs and Businesses

With great power comes great responsibility, and it’s time for everyone to ask not just 'how could my supply chain be used against me?' but also 'how could I be used against those I supply?'

July 7, 2021 / 4 minute read

Biden-Putin Summit and Why Threat Actors Just Won’t Give it a Rest

Will a Biden-Putin photo op at a joint press conference lead to agreements around reigning in the threat actors that Putin harbors in Russia?

June 17, 2021 / 3 minute read

Report: Ransomware Attacks and the True Cost to Business

A new global research study conducted by Cybereason reveals that the majority of organizations suffered significant business impact following a ransomware attack...

June 16, 2021 / 2 minute read

Russia’s Offer to Extradite Attackers - and a Grain of Salt

Only time will tell if Russian is willing to give up threat actors - but organizations don’t have the luxury of time when it comes to defending themselves...

June 15, 2021 / 3 minute read

SolarWinds Threat Actors Behind New Email Attack Campaign

Threat actors like these use the same advanced R&D techniques and agile principles that we’ve been championing in cutting-edge development and technology labs for years...

June 1, 2021 / 3 minute read

More Money Won’t Prevent the Next SolarWinds - But Better Detection Strategies Will

We need to shift away from our reliance on IOC artifacts and leverage Indicators of Behavior (IOBs), the subtle chains of behavior that can reveal an advanced attack long before it escalates to a major security event...

February 24, 2021 / 3 minute read

Sam Curry on the ‘Real Privacy Mandate’

National Privacy Day is a time to look at the current state of privacy and to set the direction and tone for the future. On January 28, 2021, let’s stop and think not just about the minimum requirements of privacy legislation but rather about the world we’re building and handing to our children.

January 28, 2021 / 2 minute read

SolarWinds Attacks Highlight Advantage of Indicators of Behavior for Early Detection

Each week has brought new insights into what happened. Most of those updates have confirmed what we already know: whoever perpetrated these attacks were intent on not being detected. The most recent update on the attacks was no exception…

January 27, 2021 / 6 minute read

Cybereason vs. SolarWinds Supply Chain Attack

On December 13, 2020, IT infrastructure management provider SolarWinds issued a Security Advisory regarding their SolarWinds Orion Platform after experiencing a “highly sophisticated” supply chain attack.

December 22, 2020 / 2 minute read

The SolarWinds Supply Chain Attack and the Limits of Cyber Hygiene

On December 13, Reuters reported that malicious actors had gone after both the U.S. Department of Treasury and the U.S. Department of Commerce.

December 14, 2020 / 3 minute read

Ensuring Digital Safety and Security This Holiday Season

Exercising caution around email links, locking down payment cards and investing in a password vault can help users stay safe and happy online during the holidays.

December 2, 2020 / 2 minute read

Heart of Cyber Darkness: How I Became a Defender

On that day, the veneer was torn away and I saw the heart of cyber darkness and knew that I was a Defender.

October 29, 2020 / 2 minute read

It’s October: YES, National Cybersecurity Awareness Month Still Matters

This is not the time to bludgeon the rest of our company’s with reminders to use AV and keep it up to date or to “think before you click.” Instead, it’s a time to push the boundaries of cyber awareness in three ways: new audiences, deeper messages, and innovation, especially around emerging technology.

October 15, 2020 / 2 minute read

Ensuring Data Privacy: Update on EU Court of Justice Ruling

July ruling by EU Court of Justice deemed EU-US Privacy Shield as inadequate. Cybereason is the only EPP vendor that gives you full control of your data.

July 20, 2020 / 1 minute read

Ransomware: To Pay or Not to Pay

It might be appealing to have a clear-cut, black-and-white measure for when to talk or when to shut down talks; but the nuances of when it makes sense to enter into negotiations and when it makes sense to pay ransoms for hostages or not is not as straightforward as a five-word policy.

May 7, 2020 / 3 minute read

Why We Created Remote Workforce Protection

Cybereason Remote Workforce Protection is built to help organizations secure their new, evolving-everywhere office, and to ease the burden on IT and security teams. 

March 25, 2020 / 1 minute read

Eagle vs. Panda: Does COVID-19 Rhetoric Have Us On The Brink Of War?

A disturbing polemic is emerging against the background noise of coronavirus reports from around the world: the cause of the problem is the other, the foreign.

March 19, 2020 / 3 minute read

Ghost in the Machine: Reconciling AI and Trust in the Connected World

This blog is a summary of the research and perspective of Cybereason CSO Sam Curry and Dr. Alon Kaufman of Duality on AI and Privacy titled: Ghost in the Machine, reconciling AI and Trust in the Connected World.

March 12, 2020 / 4 minute read

How Geopolitical Events Will Change Cybersecurity in 2020

As we enter the New Year, we need to keep in mind how nation state evolution, new targets, and security vendor stagnation will serve as motivation for hackers.

December 19, 2019 / 2 minute read

Use SIEM and EDR Together to Improve Defenses and Save Money

In this white paper, we explore the complementary and interdependent uses of SIEM, SOAR, and EDR technologies. By using these tools in conjunction with clearly defined roles, security operations teams can reduce costs, improve security, and assist human intelligence in a repeatable, reliable way.

March 25, 2019 / 2 minute read

What the government shutdown of 2019 meant for our collective cybersecurity

After five weeks, the partial U.S. government shutdown of 2019 just came to a close.

January 25, 2019 / 3 minute read

AI in cybersecurity: the IDC AI Innovators Report and what it means for security practitioners

Back in 2017, Cybereason CSO Sam Curry and CTO Yonatan Striem-Amit spoke to a crowded room at the RSA Conference about the hype and hope of AI and Machine Learning. Fast forward a year later, Cybereason was recently named an IDC Innovator in the AI Intelligence-Infused Security Solutions report.

January 10, 2019 / 3 minute read

Stopping the bad guys, part two

Cybereason is launching our Ai Hunting Tour - a cross-country road show - in just a few short weeks. We’re scheduled to visit 34 cities and more always seem to be added. If you’re a CISO, an analyst, or anything in between - there’s going to be something for everyone.

September 5, 2018 / 1 minute read

Cybereason named to AI 100

Cybereason was named to the AI 100, a ranking of the top 100 artificial intelligence companies. Only six cybersecurity companies made the list.

December 20, 2017 / 1 minute read

Who watches the watchers? Thoughts about the Uber breach

Cybereason CSO Sam Curry shares what CEO, CSOs and the security community should takeaway from the Uber data breach.

November 22, 2017 / 3 minute read

Fool me once, shame on you; fool me twice...?

Adversaries will find ways around almost anything given time and effort, so it’s a given that cybersecurity has to get better at adapting in a competitive, evolutionary race.

June 29, 2017 / 2 minute read

Why next-generation antivirus requires more than building a better mousetrap

When EDR is brought to the antivirus game, it’s greater than the sum of the parts and puts the next gen into next generation endpoint protection.

February 13, 2017 / 3 minute read

The Internet of Noise threatens to choke the information ecosystem with digital pollution

Sam Curry, Cybereason Chief Product Officer, explains why some basic IoT security is necessary if we don't want our smart devices to become pollutants that threaten the Internet.

November 22, 2016 / 3 minute read

Life, liberty and the pursuit of happiness in a digital world

Cybereason has joined the Coalition for Cybersecurity Policy and Law to help keep the Internet bright and safe for all.

November 15, 2016 / 2 minute read