Security and compliance – a phrase often uttered in the same breath as if they are two sides of the same coin, two members of the same team, or two great tastes that go great together. As much as I would like to see auditors, developers, and security analysts living in harmony like a delicious Reese’s cup, a recent gap analysis that I was part of...

In any organization, unrestricted access to systems and resources poses significant security risks. Recent cybersecurity events have shown that attackers will target any organization of any size. The most common attack vector is through unauthorized access to a legitimate account, often preceded by a phishing technique. To protect against...

In an era characterized by relentless digital transformation and interconnectedness, cybersecurity has evolved into a complex and dynamic battleground.Businesses, governments, and individuals find themselves locked in a perpetual struggle against a relentless flood of evolving threats. From sophisticated cybercriminal syndicates to state-sponsored...

In our interconnected world, the real estate industry has embraced technology to revolutionize its operations, enhance customer experiences, and streamline business processes. Yet, while this technological evolution has brought immense benefits to the property sector, it has also attracted the attention of nefarious actors keen on exploiting...

Modern cybersecurity has reached an exceptional level, particularly with the integration of AI technology. The complexity of cyberattacks and their methodologies has also increased significantly, even surpassing human comprehension. This poses a considerable challenge for cybersecurity professionals who struggle to keep pace with the scale and...

Security and compliance are often tightly intertwined. The main difference is that sometimes, security can outpace compliance efforts. While it is easy to infer that a more secure system exceeds a compliance requirement, an auditor should not be expected to deduce the state of a system; the evidence needs to be clear. There are many factors that...

Any time the television news presents a story about cybersecurity, there is always a video of a large data center with thousands of blinking lights. Even most cybersecurity blogs will include an image of many lights on the front panels of servers, routers, and other hardware. However, most people don’t notice that the lights are usually green or...

Protecting sensitive data and other assets requires an organization to be adaptable and stay informed on things like the digital landscape and threat trends. While some aspects of security are within an organization’s control, it can be extremely difficult to manage all of the risks and vulnerabilities that are likely to arise. Security...

In 2024, transformation is reshaping industries, and the financial sector stands at a crucial juncture. The Softcat Business Tech Priorities Report, a comprehensive survey encompassing over 4,000 customers across various sectors, sheds light on this transformation. Significantly, cybersecurity has emerged as the paramount concern for financial...

Agriculture, a fundamental aspect of human civilization, plays an important role in global economic stability, contributing 4% to the global GDP. This sector not only provides food, but also supplies vital raw materials for various industries and drives economic development through job creation and trade facilitation. As we observe a technological...

The financial services sector faces unprecedented cybersecurity challenges in today's digital age. With the industry being a prime target for cybercriminals, understanding and adhering to cybersecurity regulations has never been more crucial. This article delves into the labyrinth of cybersecurity regulations affecting financial services,...

What is the greatest cyber risk in the world right now? Ransomware? Business Email Compromise? Maybe AI? Well, the last one is pretty close. According to the World Economic Forum, misinformation and disinformation are the most severe global risks of the next two years. In their Global Risks Report 2024, the WEF posited that the post-pandemic world...

Cybersecurity is a pressing topic of concern for most organizations today, as any amount of sensitive data or digital assets can present a security risk. Understanding the digital landscape, threat trends, and the way they change over time is an essential step in defending against cyberattacks. It can be daunting for any organization to stay in the...

Although attacks on small and medium-sized businesses (SMBs) rarely hit the headlines, they remain a serious threat. Unlike their corporate counterparts, many SMBs lack the tools, skills, and mitigation services they need to combat modern threats. Understanding that forewarned is forearmed, the National Cyber Security Centre (NCSC) recently debuted...

As we are well into 2024 now, we at Fortra want to continue our commitment to empowering you all with the knowledge and tools needed to protect you, your organization, and even your family. This year, we will be looking more and more at the human element, and provide you with methods to practice repeatable, real-world techniques to ingrain positive...

Last year, the Securities and Exchange Commission adopted rules on cybersecurity risk management that focused on transparency. Much of the adopted rules were focused on investors, but the rules also underscored the importance of the impact to customers when cybersecurity incidents occur. The data security landscape has recently shifted to...

Over the years, PayPal has earned a reputation for being a secure and easy way to send and receive money. However, no payment system is entirely immune to scams, and cybercriminals often exploit these platforms due to their widespread popularity and trust among users. PayPal is the most widely used online payment system in the US, making it a...

Today, almost every organization is engaged with a third-party vendor at some level when offering products or services. Take, for instance, an e-commerce business that may not be able to function properly unless multiple third-party integrations are involved, such as CRMs, payment gateways, live chat APIs, or a shipping gateway, to name a few....

With all the technology we have today, installing software updates has become a near-daily, full-time activity. Patch management for large-scale enterprise IT systems can be one of the most stressful parts of an IT professional’s job. In today’s large and evolving IT networks where many new services are going online every day and software components...

Tripwire's January 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft, Apple, Google, and Atlassian. First on the patch priority list are patches for Apple, Google Chromium V8, and Atlassian Confluence Data Center and Server. These CVEs have been added to CISA's Known Exploited Vulnerabilities (KEV) catalog. For...