In late August, Microsoft published its analysis of espionage activity tied to a new threat actor group called Flax Typhoon, which is believed to operate on behalf of the People’s Republic of China (PRC). The group mainly targets Taiwanese critical infrastructure, including: government, education, manufacturing, and information technology sectors.

When organizations hear “third-party risk management,” they often consider the processes needed to mitigate risks when working with a third-party vendor. These can include procurement risks and risks associated with starting new vendor relationships, often referred to as "onboarding,”—but what about when a working relationship ends?

With the average cost of a data breach now at $4.35 million, it’s time for organizations to take proactive measures to protect themselves against cyber threats. By conducting thorough security testing, organizations can gain a deeper understanding of their security posture and make informed decisions about where to allocate their resources to improve their overall cybersecurity readiness.

In merely a few decades, technological pioneers developed an unprecedented ability for society to access and store data in immeasurable quantities. This newfound power transformed many aspects of the physical world into a digital one, taking everyday activities such as banking, gaming, shopping, and socializing online.

Last week, I had the opportunity to moderate a panel at the NACD Summit, where I was joined by: Deven Sharma, Former President at S&P; John Katko, Former Member of U.S. House of Representatives; and Aaron Hughes, CISO at Albertsons. The National Association of Corporate Directors (NACD) holds its summit annually to empower directors and transform boards to be future ready. Our panel discussion focused on how board members can strategically oversee their organizations’ cybersecurity resilience.

In vulnerability management (VM), the task of sifting through vast amounts of data to pinpoint critical insights can feel like searching for a needle in a haystack, specifically a haystack with many precious needles that all look alike. And, of course, the one needle you’re looking for is mission-critical and can mean the difference between securing your business and leaving it open to attack.

When we first built the CISA KEV enrichment dashboard at Nucleus, our goal was to gain new insights into the vulnerabilities that had been confirmed by CISA as being exploited. Recently, CISA expanded the Known Exploited Vulnerabilities Catalog with vulnerabilities “known to be used in ransomware campaigns”. We find this data valuable in helping organizations identify which vulnerabilities on the KEV pose greater risk.

It is common knowledge that when it comes to cybersecurity, there is no one-size-fits all definition of risk, nor is there a place for static plans. New technologies are created, new vulnerabilities discovered, and more attackers appear on the horizon. Most recently the appearance of advanced language models such as ChatGPT have taken this concept and turned the dial up to eleven.

An effective detection and response capability is essential for monitoring key assets, containing threats early and eradicating them. However, due to the current disparate nature of potential attack vectors within an organization, affording the wide range of sensors necessary can be a challenge as well as the worry of the disruption of critical services. Yet, without robust detection and response processes, businesses are left vulnerable.

Zero-days are out there. Lurking just under the surface, waiting for the right moment to strike. A security team can do everything right and still experience a zero-day attack in its supply chain. And with innumerable configurations, devices, and platforms that can be exploited, zero-day exploits are becoming more common than ever.