The Federal Risk and Authorization Management Program (FedRAMP) has been in place for just over a decade (2011). Its purpose is to provide a “cost-effective, risk-based approach for the adoption and use of cloud services” by the federal government. This is to equip and enable federal agencies to utilize cloud technologies in a way that minimizes risk exposure through security and protection of federal information and processes.

You’ve likely been practicing good personal hygiene since childhood, but have you heard of cyber hygiene? Similar to personal hygiene practices which maintain good health and well-being, cyber hygiene practices maintain the health and well-being of your sensitive data and connected devices. This blog will define cyber hygiene, discuss the importance of maintaining cyber hygiene and explore best practices for ensuring cybersecurity.

The cyber risk landscape changes quickly. In the last few years we’ve seen a rise in the number of ransomware attacks, and the end of 2021 was marked by the Log4J vulnerability. As data stacks get bigger and more difficult to defend, you may be wondering what threats are on the horizon in 2022. Based on what we’ve seen so far, the coming year’s risks are likely to be fairly familiar.

Software supply chain risks are escalating. Between 2020 and 2021, bad actors launched nearly 7,000 software supply chain attacks, representing an increase of more than 600%. Without identifying and managing security risks within the supply chain, you could be exposing your critical assets to attacks. Implementing a supply chain risk management strategy is essential to staying ahead of the potential threats and making the most of your software.

In the world of cybersecurity, artificial intelligence (AI) has changed the way we discover, respond, and recover from cyberattacks. But despite the several advancements of AI in cybersecurity, cyberattacks are becoming more and more dangerous because of AI. Cybercriminals are now leveraging existing artificial intelligence tools and AI-based technologies for use in their own attacks, and as a result, cyber threats and attacks are becoming harder to prevent.

According to the FBI Internet Crime 2020 Report, phishing scams were the most prominent attack in 2020 with 241,342 complaints reported and adjusted losses of $54 million. In particular, whaling (a highly targeted phishing attack) has been on the rise and is only expected to grow from here. A whaling attack targets high-profile executives with access to valuable information and systems. Let’s take a closer look at whaling attacks and how to stay protected.

Viruses, worms, ransomware — even the least tech-savvy among us know what these are, and want to avoid them if at all possible. What do they all have in common (besides the fact that they can lock up your devices and attempt to steal your data)? They all fall under the malware umbrella.

In a recent webinar, SecurityScorecard hosted Justin Herring, Executive Deputy Superintendent, Cybersecurity Division of the New York Department of Financial Services (DFS), and Luke Dembosky, Partner and Co-Chair of the Data Strategy & Security practice at Debevoise & Plimpton, to discuss DFS’s top cybersecurity priorities this year, current enforcement and to examine trends, and the regulatory environment around cybersecurity in 2022.