Technology is evolving at a startling pace, perhaps faster than ever before. Businesses are scrambling to reap the rewards of these technologies, especially AI. But do they recognize the cybersecurity risks associated with these changes? The World Economic Forum’s latest Global Risks Report suggests not. Digital Era, Digital ThreatsWe are truly living in the digital age. This brings many benefits....

A critical aspect of manufacturing, energy, and transportation is Industrial Control Systems (ICS) and Operational Technologies (OT). The rapid pace of digital growth makes these systems susceptible to cyberattacks.OT and ICS system security is important, making penetration testing an essential activity. This tactic makes it possible to mitigate weaknesses so they are no longer vulnerabilities. It...

Abu Dhabi is boosting its healthcare system with the introduction of the Abu Dhabi Healthcare Information and Cyber Security Standard (ADHICS). This initiative, driven by the Department of Health—Abu Dhabi (DoH)—has been put in place to protect sensitive healthcare data, improve cybersecurity resilience, and keep healthcare services running smoothly.At a time when cyber threats are skyrocketing in...

The evolution of artificial intelligence (AI) agents signals a profound transformation in how businesses operate. Unlike traditional AI models that process and respond to queries, Google defines that “Agents are autonomous and can act independently of human intervention.” At the same time, the World Economic Forum explains that an agent is “an entity that perceives its environment through sensors...

The latest version of the CIS Controls was released in June 2024. The new version, 8.1, introduces some minor updates via design principles.ContextNew asset classes are updated to better match the specific parts of an enterprise’s infrastructure that each Safeguard applies to. New classes require new definitions, so CIS has also enhanced the descriptions of several Safeguards for greater detail,...

The original NIS Directive came into force in 2016 as the EU’s first comprehensive law governing cybersecurity in member states. As part of its key policy objective to make Europe “fit for the digital age,” the European Commission proposed in December 2020 that NIS be revised, and NIS2 entered into force in January of 2023. Member states were required to transpose it into law by October 17, 2024...

Late last year, Australia’s Cyber Security Act 2024 received Royal Assent and became Law. It was a huge moment for cybersecurity legislation in Australia, serving as the country’s first-ever standalone cybersecurity law, addressing key legislative gaps, and bringing the country in line with international best practices. But what’s included in the Act? And what does it mean for businesses? Keep...

In December 2024, Malaysia passed its Data Sharing Bill 2024, a new piece of legislation aimed at streamlining data-sharing across federal government agencies. This bill promises to revolutionize how data is managed, shared, and secured within Malaysia's government, fueling a more efficient, innovative, and secure public sector.By enabling seamless data exchange between federal entities while...

In today’s dynamic IT environments, securing and maintaining the integrity of your systems is critical. Fortra’s Tripwire Enterprise is a robust tool designed to help organizations ensure compliance and security by continuously monitoring the configuration and behavior of their IT assets.When deploying Tripwire, a common question arises: should you prioritize monitoring applications, operating...

Ransomware has evolved into one of the most devastating cyber threats of modern times, creating previously unimaginable financial and operational hardships for entities in every sector. As malicious actors employ increasingly sophisticated tools, honing their tactics and spreading their tentacles, understanding the key trends, targeted industries, and financial impact is at the heart of...

British legal professionals have seen a "significant surge" in data breaches, according to new research from NetDocuments, a firm that provides a cloud-based content management platform for the legal sector.The firm has described how it analysed data from the UK regulator the Information Commissioner's Office (ICO), and discovered that the number of data breaches in the country's legal sector had...

It’s been a tough year for the healthcare sector. Throughout 2024, cybercriminals have unleashed a barrage of attacks on a vast number of healthcare organizations - with disconcerting levels of success. FBI research revealed that healthcare is now the US’s most targeted industry.The attack on Change Healthcare, a United Health-owned health tech company, for example, disrupted operations at...

The Transportation Security Administration (TSA) has proposed new rules requiring those under its jurisdiction to follow specific cyber risk management (CRM) requirements, report cybersecurity incidents in a certain timeframe, and address physical security concerns.This is positive news for the transportation industry, as hundreds of attacks have been leveled against the sector. These attacks have...

Security Operations Center (SOC) analysts have it rough. Modern security tools generate an extraordinary number of alerts, attackers are more sophisticated than ever, and IT infrastructures are unprecedentedly complex. As a result, analysts are overwhelmed with workload and alerts, making it near-impossible to make intelligent, informed decisions. Fortunately, artificial intelligence (AI) is...

Remote work isn’t just a temporary trend anymore; it has become a permanent fixture. What began as a quick response during the pandemic has evolved into the new normal for businesses worldwide. In America, 20% of people now work from home.While this has its advantages (flexibility for workers and cost savings for businesses), it’s not without its complications, having cracked open a host of issues...

Enterprise networks frequently experience changes in endpoint devices, software, and files, which can introduce risk to the organization. To mitigate this, companies can implement foundational security controls like file integrity monitoring (FIM), which tracks changes to essential files and helps restore them if unauthorized. Additionally, organizations may use these controls to monitor for...

Organizations of all types must consider and prioritize cybersecurity in order to protect against a wide range of attacks and prevent potentially catastrophic consequences. With the evolution of the threat landscape and most businesses relying more and more on technological pillars for everyday operations, cyberattacks can have impacts that extend far beyond monetary losses. However, the financial...

A Divisive Veto: California Rejects AI Safety Bill SB 1047California Governor Gavin Newsom’s recent veto of SB 1047, a proposed AI safety bill, has sparked a hot debate on the balance between innovation and regulation in the artificial intelligence (AI) space. California has over a dozen AI related bills that have been signed although this bill sought to establish rigorous safety testing...

Imagine a seemingly minor misconfiguration in your cloud storage or an employee accidentally emailing a sensitive file to the wrong person. These incidents might seem trivial, but they can quickly snowball into a massive data breach, causing financial consequences. This scenario is a stark reminder of the importance of understanding and preventing data leaks.Data leaks are a threat to...

The rapid adoption of cloud technology in the past few years has transformed IT environments, enabling unprecedented opportunities for flexibility, scalability, and collaboration. However, this transformation has introduced a potentially dangerous level of complexity into these environments – recent research from PwC revealed that 75% of executives report too much complexity in their organizations...