It’s been a while since I have had the pleasure of announcing a new version of Security Monitoring (September 2018), but today I am doing just that. There is nothing better to inspire spending your evenings coding and playing with Splunk than your partner watching shows that just don’t interest you! For my UK friends, yes ‘Love Island’ is that show and for my more international friends "look it up!". So, what updates did I bring?

In a previous article, we discussed what the NIS Directive is. The European Union developed the Directive in response to the emerging cyber threats to critical infrastructure and the impact cyber-attacks have on society and the European digital market. The NIS Directive sets three primary objectives: The “actors of particular importance” are the operators providing essential services (OES) and digital service providers (DSP) in the EU.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24 As IoT encroaches further every day into our lives, often as a result of some marketing guy’s idea to flog their junk, the fear that it could all wreak havoc at some point catches me. This week a wonderful article hit my feed which highlights what could be reality for some now, and a great number in the years to come.

Hackers and cyber criminals have evolved social engineering tactics to trick unsuspecting individuals into divulging private information or valuable credentials. One such evolving tactic is typosquatting, a form of social engineering attack that tries to lure users into visiting malicious websites with URLs that are common misspellings of legitimate sites.

NERC is a non-profit organization that sets industry standards, educates and trains industry personnel and provides guidelines for grids. You can find the details on NERC and NERC reliability standards in our article. What is NERC? NERC refers to the North American Electric Reliability Corporation. It is a non-profit organization whose main aim is to provide necessary regulations that reduce the risks regarding reliability and security.

This is part 2 of a blog on healthcare security. For more info, check out part 1. An independent guest blogger wrote this blog. When it comes to data security, there is no more important place than the healthcare industry. When people go to the doctor, they provide all of their most sensitive information, from their health issues to their phone number, to a doctor they trust.

Over the last few decades, volumes of domestic and cross-border data flow have skyrocketed. Predictions from a team of software experts from Techjury estimated that in 2020, each person will generate 1.7 megabytes in just a second. The increase in data volumes, while increasing the efficiency of organizations through real-time decision making has also increased security breaches where consumer data is being exploited for gain.

Cybersecurity performance management is the process of evaluating your cybersecurity program's maturity based on top-level risks and the associated level of investment (people, processes and technology) needed to improve your security security to meet regulatory requirements and business outcomes. Security metrics improve decision making by helping risk management and security teams take a risk-based, outcome-driven approach to assessing and managing their organization's cybersecurity capabilities.

A new report into the state of ransomware at the tail end of 2019 has revealed that things aren’t getting any better. In Q4 of 2019, according to the new study published by security firm Coveware, the average ransom payment more than doubled – reaching $84,116, up from $41,198 in Q3 of 2019.

In our previous post on API Gateways we discussed how services handle external client to service(North-South) traffic. When it comes to dealing with service to service(East-West) traffic it is common to implement a Service Mesh.