The United States stands at a pivotal juncture for true digital and cyber security, with unlimited potential. The 2023 U.S. National Cybersecurity Strategy presents a fresh perspective on safeguarding digital territory—a perspective rooted in collaboration, innovation, and accountability. This moment poses a critical consideration of whether to invest in a future where collaboration is the norm...

Security researchers have identified that a widespread LinkedIn malicious hacking campaign has seen many users locked out of their accounts worldwide. Some users who have had their access to their LinkedIn accounts blocked by the cybercriminals changing their passwords have been pressured into paying a ransom, according to a report from Cyberint , and threatened with permanent account deletion. In...

Serverless architecture has increased in recent years, and is anticipated to grow by nearly 25% over the next decade, According to one source , the serverless architecture market was worth over $9 billion in 2022, with its compound annual growth rate projected to increase. The market could be worth over $90 billion by 2032. This indicates the immense amount of potential that this industry carries...

According to the Cyber Security Skills in the UK Labour Market 2023 report released by the UK government, 50% of UK businesses face a fundamental cyber security skills gap, while 33% grapple with an advanced skills gap. This is just one of the challenges that the Chief Information Security Officer (CISO) must face. While these figures remain similar to 2022 and 2021 , it's evident that there's...

The past three months witnessed several notable changes impacting privacy obligations for businesses. Coming into the second quarter of 2023, the privacy space was poised for action. In the US, state lawmakers worked to push through comprehensive privacy legislation on an unprecedented scale, we saw a major focus on children's data and health data as areas of concern, and AI regulation took center...

As technology advances, the battle between cyber criminals and organizations intensifies. Cyber threats have become more sophisticated, complex, and widespread, posing a significant risk to the security and integrity of sensitive data. In Q1 2023 alone, the number of global cyber attacks increased by 7% , with an average of 1,248 attacks reported per week. In a separate report by The Independent...

In cybersecurity, knowledge is everything. From APT intelligence to zero-day vulnerabilities, relevant and timely information can be the difference between a thwarted attack and a total disaster. With Business Email Compromise (BEC) attacks at their zenith, there has never been a better time for a comprehensive BEC report. As such, Fortra has released its 2023 BEC Trends, Targets, and Changes in...

A few years ago, I wrote about the importance of security immutability . More specifically, I discussed how important it is that your environment be unchangeable in order to ensure that it remains secure. As I looked back on the article, I found it rather amusing that the article was published 4 years ago, but that feels like a lifetime ago. In the last few years, we really have seen just how...

What is Rhysida? Rhysida is a Windows-based ransomware operation that has come to prominence since May 2023, after being linked to a series of high profile cyber attacks in Western Europe, North and South America, and Australia. The group appears to have links to the notorious Vice Society ransomware gang . What kind of organisations has Rhysida been hitting with ransomware? The US Department of...

Network engineers and security analysts have a lot in common. Both require the ability to not only understand the problems at hand but to ascertain the moments leading to them. A typical scenario would include a request to help with a problem a customer has been experiencing. The person you are trying to assist is probably a member of the IT team in the organisation. During these situations, we...

The cybersecurity landscape has become more complex for many reasons. For one, it is the constantly changing risk environment where businesses are compelled to confront evolving threats and actors that leverage emerging technologies and advanced tactics. Cybersecurity has become a top priority for boards since they realize that being cyber resilient is a strategic choice and a competitive...

Safeguarding sensitive data is a huge concern for organizations. One of the biggest challenges they face is the threat posed by insiders who work for the organization. In fact, a report found that 74% of organizations are at least moderately vulnerable to threats from insiders. This has increased spending towards protecting against insider threats by more than 76% between 2018 to 2022, according...

The World Wide Web, now simply referred to as the Internet, is by far the most significant technological revolution in tech history. The current generation of the internet is Web 2.0, which allows users to browse and write content powered by centralized data centers. Today the cyber world is rapidly progressing towards Web 3.0. Web 3.0 is a decentralized database where users have complete control...

Newly-released research reveals the eye-watering costs that the manufacturing sector has suffered in recent years at the hands of ransomware. The analysis , by Comparitech, looked at 478 confirmed ransomware attacks on manufacturing companies between 2018 and July 2023, in an attempt to determine their true cost. Whereas many of the headlines connected with ransomware have focused on the ransoms...

We have come a long way in the cybersecurity sector in a relatively short period of time, but there remain many challenges in day-to-day operations that create security gaps in many organizations. One of the most common is tied to how we build our solutions, making sure they are secure out-of-the-box instead of only being evaluated during a pen test or annual review, and finding out then that...

Most small and midsized businesses trust an IT services partner to help them secure their networks. A few years ago, high-profile cyberattacks targeting MSP vendors Kaseya and SolarWinds thrust the security risk of relying on a complex chain of vendors into the technology media and moved the Department of Homeland Security to issue a statement about the need for greater security in the IT services...

Cyber Threat Intelligence (CTI), or threat intelligence, is evidence-based knowledge established from current cyber threats, gathered from myriad sources to identify existing or potential attacks. Threat intelligence assists in identifying the motives, targets, and attack behaviors of a threat actor and implementing strong defenses from future attacks. According to IBM’s Cost of a Data Breach 2022...

Despite being the second-largest internet market in the world, India has yet to pass a comprehensive data privacy bill. It is important to have policies and regulations in place to protect them and their right to data privacy—a right that India’s Supreme Court recognized in 2017. Since then, the country’s government has been working towards passing a bill that codifies the rights of individuals to...

The General Data Protection Regulation (GDPR) is a set of privacy and security standards put into effect by the European Union (EU). Widely accepted as the world's strictest security and privacy law, GDPR imposes regulations on organizations that target or collect data relating to people in the EU. European Parliament signed GDPR into law in 2016, requiring all organizations to comply by May 2018...

The latest Verizon Data Breach Investigations report indicates that over 70% of data breaches involved the human element. Cybercriminals exploit people to trick them into clicking unsafe links, opening malicious attachments, entering their credentials into bogus login pages, sharing sensitive data, and authorizing fraudulent fund transfers. One area where many exploits take place is on social...