Most cybersecurity professionals know that cyber breaches increase each year. So it’s no surprise that the cybersecurity insurance business also keeps growing briskly. According to data from Markets and Markets and Polaris Market Research, the cyber insurance market swelled to $11.9 billion worldwide in 2022, up from $10.1 billion the previous year, and is projected to grow to more than $29 billion by 2027.

Iranian state-sponsored hacking group Charming Kitten has been named as the group responsible for a new wave of attacks targeting critical infrastructure in the United States and elsewhere.

This piece was originally published on Fortra’s AlertLogic.com Blog.

The boon of online business and credit card transactions in the early 90s and 2000s resulted in an increasing trend of online payment fraud. Since then, securing business and online card transactions has been a growing concern for all business and payment card companies. The increasing cases of high-profile data breaches and losses from online fraud emphasized the need for urgent measures and a standardized approach to address the issue.

Root Cause Analysis (RCA) is a technique used to identify the underlying reasons for a problem, with the aim of trying to prevent it from recurring in the future. It is often used in change management processes to help identify the source of any issues that arise following any modifications to a system or process. RCA is something Tripwire Enterprise is often deeply tied into too.

Many organizations have either been formed in, or have migrated to cloud-based environments due to the efficiency, flexibility, mobility, cost savings, and other benefits. The majority of applications that are used today are incorporated with the cloud. Most of our data and processes exist in the cloud. But simple as it is, just uploading your files to the cloud or using services of the cloud, doesn`t guarantee that it`s secure.

Spring is here! Who’s up for some digital spring cleaning? Digital de-cluttering helps you organize your life and has the bonus of reducing your vulnerability to common threats. But knowing where to begin can be hard; most of us leave a larger digital footprint than we realize. I have created a checklist to help you clear away the clutter and reap the rewards of a clean digital slate.

The K-12 Report breaks down the cyber risks faced by public schools across the country and is sponsored by the CIS (Center for Internet Security) and the MS-ISAC (Multi-State Information Sharing & Analysis Center). Published “to prepare K-12 leaders with the information to make informed decisions around cyber risk”, the report provides a data-driven analysis of what went well, what could be better, and what exactly is threatening our K-12 schools.

Three Nigerian nationals face charges in a US federal court related to a business email compromise (BEC) scam that is said to have stolen more than US $6 million from victims. 29-year-old Kosi Goodness Simon-Ebo was extradited from Canada to the United States earlier this month, according to a Department of Justice press release, and will appear before a federal court on Friday. Two of Simon-Ebo's alleged conspirators, James Junior Aliyu, 28, and 31-year-old Henry Onyedikachi Echefu.

Multinational payment processing firm Nexway has been rapped across the knuckles by the US authorities, who claim that the firm knowingly processed fraudulent credit card payments on behalf of tech support scammers. A Federal Trade Commission (FTC) complaint argues that Nexway and its subsidiaries broke the law by helping scammers cheat money from unsuspecting consumers.

Electrical grid security has been getting a lot of attention recently. It started fairly quietly, and then when it was a featured story on a news program, it rose to the top of the collective consciousness. However, the news stories that followed were focused entirely on the physical vulnerabilities of the US power grids. Few, if any stories covered the cybersecurity angle of securing the grids.

It was just a short time ago that Fortra came into being, as the new face of HelpSystems. Fortra is a company that combines a group of cybersecurity products and services into one portfolio. As with all acquisitions, many customers wondered what benefits this would bring to the Tripwire product line. We took the opportunity to speak with Fortra’s Principal Evangelist, Antonio Sanchez, who sheds light on how this acquisition delivers more value to all of our customers.

This piece was originally published on Fortra’s AlertLogic.com Blog. Managed detection and response (MDR) would be nothing without a SOC (security operations center). They’re on the frontline of our clients’ defenses — a living, breathing layer of intelligence and protection to complement our automated cybersecurity features. These are the people who make our MDR services best in class so dependable. It’s time you met them.

The demand for cybersecurity in the energy sector is often understated. There is a misconception that very little IT is involved, and much of it does not impact operations. But 97% of surveyed ICS security professionals in the energy, oil, and gas sector believe cybersecurity is a growing concern. No industry has been untouched by digital transformation.

Microsegmentation is a security technique that partitions a network into small, isolated sections to reduce the attack surface and reduce an organizations risk. Each microsegment is typically defined by specific security policies, accessible only to authorized users and devices.

We seem to be fascinated by fraudsters, and recent documentaries prove this. The documentary landscape is populated with many fraud-centered stories, such as The Tinder Swindler, Fyre, The Con, Fake Heiress, The Inventor, and many others. Some have even been made into series, such as the story of Elisabeth Holmes in The Dropout, and the story of Anna Delvey in Inventing Anna. We just can’t get enough of it, and who can blame us? These stories are fascinating, entertaining, and engaging.

Accountants are being warned to be on their guard from malicious hackers, as cybercriminals exploit the rush to prepare tax returns for clients before the deadline of US Tax Day. US Tax Day, which falls on Tuesday April 18 this year, is the day on which income tax returns for individuals are due to be submitted to the government. Inevitably it's a busy time for accounting firms and bookkeepers who are feverishly collecting necessary documents from their clients.

Military cybersecurity operations are shifting to a digital battlefield, where tools and technology work to save lives and increase efficiency. With these advancements comes the increased need for resilient measures to meet the needs of soldiers, leadership, and civilians alike. A ransomware attack rocked the U.S. Marshals Service in February 2023, compromising critical state data on everything from top-secret operations, to internal administrative information.

CISA released in late February a cybersecurity advisory on the key findings from a recent Cybersecurity and Infrastructure Security Agency (CISA) red team assessment to provide organizations recommendations for improving their cyber posture. According to the Agency, the necessary actions to harden their environments include monitoring network activity to spot abnormal behavior, conducting regular assessments and drills, and enforcing phishing-resistant MFA anywhere possible.

Dealing with the aftermath of ransomware attacks is like Russian roulette. Submitting the ransom might seem like it’s the sole option for recovering locked data. Ransomware also continues to evolve as a threat category within the past year, with old names like REvil rearing their heads and new players like Black Basta emerging in 2022.

In security, there are always tensions; the balancing act between security, convenience, and functionality. While these three, often competing interests cause many people to become frustrated, there are some simple steps that can ease the security struggle.

When I was younger, you could add a second processor to a computer, but it didn’t double the workload it handled. Natural inefficiencies meant that 1+1 was approximately 1.5 or maybe 1.75 times the workload. Today, multiprocessing and multithreading is so common that even the Windows calculator takes advantage of the benefits. So, when I look at the recent acquisition of Tripwire by Fortra, how do I calculate the result of 1 + 1?

As the United States government, the energy industry, and individual consumers work toward cleaner and more sustainable energy solutions, it is crucial to consider how new and advancing technologies affect, and are affected by, cybersecurity concerns. ­­­­Increasing use of smart energy devices can be useful for consumers to have more control over their energy consumption, but can also pose a security risk if the devices and systems are not adequately protected.

Quantum computers can solve highly complex problems faster than any of its predecessors. We are currently in a period of a quantum revolution. Many organizations are currently investing in the quantum computer industry, and it is predicted that the quantum computing market may increase by 500% by 2028.

The rise in popularity of cryptocurrencies has brought about significant concerns regarding wallet vulnerabilities and digital theft among individuals and businesses transacting in the market. While the meteoric rise in the value of cryptocurrency has attracted legitimate investors, it has also caught the attention of malicious actors who are constantly searching for vulnerabilities to exploit.