Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

January 2025

trustcloud

Ahead of the curve: Proactively managing third-party risks

Jan 18, 2025 By Tejas Ranade In TrustCloud
According to a Gartner report, 60% of organizations will rely on third-party vendors for more than half of their critical business operations by 2025. However, Gartner also warns that third-party risk events – such as data breaches or compliance violations – will increase by 30% in the same timeframe. As a technology leader, these figures resonate deeply with the challenges I see organizations facing daily.
Read Post
cyphere

Cyber Essentials NHS and Healthcare Organisations

Jan 18, 2025 By Harman Singh In Cyphere
Cyber Essentials scheme is a UK government-backed initiative designed to help organisations, large or small, shield themselves from common cyber threats. It outlines a straightforward set of technical security controls that, when appropriately implemented, can reduce an organisation’s attack surface. This is particularly vital for NHS and healthcare organisations. They handle NHS data that needs robust protection.
Read Post

Women in Technology featuring Roopa Naidu, Senior Technical Project Manager @1111systems

Jan 18, 2025 By 11:11 Systems In 11:11 Systems
"Be bold and put yourself out there. Seek support and mentorship from people willing to help you grow in your career. Having a vision for your career and going after it is crucial in this industry." - Roopa Naidu, Senior Technical Project Manager, Development At 11:11 Systems, we recognize the value of diversity and the unique contributions of our female employees. We’re pleased to feature some of our outstanding women in a series of Q&A blog posts, showcasing their experiences, insights, and impact on the tech industry.
View Video
SecurityScorecard

What is the Threat Landscape?

Jan 17, 2025 By SecurityScorecard In SecurityScorecard
The threat landscape refers to the evolving environment of cyber threats, attack methods, and attack vectors targeting organizations, governments, and individuals. Shaped by threat actors like hackers, nation-states, and criminal groups, it has grown increasingly complex with the rise of cloud computing, IoT devices, and interconnected supply chains. These changes have expanded attack surfaces, offering adversaries more opportunities to exploit vulnerabilities.
Read Post
lookout

Cybersecurity Forecast: Key Predictions for 2025

Jan 17, 2025 By Lookout In Lookout
As we head into 2025, the cybersecurity landscape is set to become more complicated than ever before. The evolution of artificial intelligence has touched every part of the digital landscape, creating both new opportunities and new risks. As cyber attackers adopt more sophisticated tactics, techniques, and procedures, organizations will have to be forward-thinking to fortify their defenses.
Read Post
sysdig

Detecting and mitigating CVE-2024-12084: rsync remote code execution

Jan 17, 2025 By Sysdig Threat Research Team In Sysdig
On Tuesday, January 14, 2025, a set of vulnerabilities were announced that affect the “rsync” utility. Rsync allows files and directories to be flexibly transferred locally and remotely. It is often used for deployments and backup purposes. In total, 6 vulnerabilities were announced to the OSS Security mailing list. The most severe vulnerability, CVE-2024-12084, may result in remote code execution. This post will cover how to detect and mitigate CVE-2024-12084.
Read Post
cyphere

NCSC Cyber Assessment Framework (CAF)

Jan 17, 2025 By Harman Singh In Cyphere
Cyber incidents can result in catastrophic consequences. Cyber risks faced by public sector organisations need a plan. NCSC developed the cyber assessment framework (CAF) to help organisations achieve and demonstrate cyber resilience, specifically in, specifically by identifying the important functions at risk of disruption due to cyber incidents.
Read Post

Cyber Resilience @1111systems with Kaushik Ray, Chief Experience Officer @Sungar

Jan 17, 2025 By 11:11 Systems In 11:11 Systems
"The balance of proactive and reactive measures is how you get cyber resiliency. Cyber resiliency is equal to cybersecurity plus cyber recovery." Hear from 11:11 Systems' Chief Experience Officer Kaushik Ray on what cyber resilience at 11:11 means for our customers.
View Video
ignyte Team

CMMC Auditor vs Assessor (CCA): How the Two Compare

Jan 17, 2025 By Max Aulakh In Ignyte
The full compliance process for CMMC, the Cybersecurity Maturity Model Certification, culminates in an audit that validates an organization’s cybersecurity posture and its implementation of the security controls that apply to it. Throughout this process, there is a gatekeeper who performs your audit. You may have heard of them referred to as a CMMC Auditor or a CMMC Assessor. With these two terms in play, you may be wondering what the difference is between them.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.