Poor password practices are one of the biggest threats to enterprise cybersecurity. Stolen or compromised passwords cause over 80% of successful data breaches. When employees use weak passwords, reuse passwords across accounts, or store their passwords insecurely (sticky notes, spreadsheets, etc.), they put their employers at risk. Organizations often leverage enterprise password managers to alleviate poor employee password practices.

In some circles, October may be best known for hosting Halloween, but at Trustwave we know it as Cybersecurity Awareness Month. The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the National Cybersecurity Alliance (NCSA), today kicked off the 19th annual Cybersecurity Awareness Month.

This blog examines some interesting aspects of the recent reforms to Australia's Security of Critical Infrastructure Act - specifically related to the new risk management obligations that have been introduced. We'll unpack some of the ambiguities that exist and remain to be clarified in this specific area of the reforms.

Chief Information Security Officers know all about the “Sea of troubles,” and they experience “slings and arrows” daily. In mid-September, we saw a breach of Uber that threatened to undo the company’s security program - for exposing a fairly easy path to super admin privileges across most (if not all) of its infrastructure and security tools like GSuite, AWS, and HackerOne private vulnerability reports. The stakes are high.

This is an event & online exclusive video for you to meet our very own hacker here at Pentest People. In this video, we showcase our very own hacker, exclusively shown at one of our Concorde partner events this year.

Artificial Intelligence’s ability to augment and support progress and development over the past few decades is inarguable. However, when does it become damaging, contradictory even? In our latest Beyond Data podcast AI’s Climate Jekyll & Hyde – friend and foe, Tessa Jones (our VP of Data Science, Research & Development) and Sophie Chase-Borthwick (our Data Ethics & Governance Lead) discuss exactly this with Joe Baguley, Vice President and Chief Technology Officer, EMEA, VMware.

As a CIO in charge of your organization's security, you're responsible for ensuring the security of your company's data. But with so many cybersecurity threats out there, it can be difficult to know where to start. Should you focus on conducting a vulnerability assessment? Or is a risk assessment more important? In this article, we will discuss vulnerability vs risk, cyber threats, and protecting sensitive data.

The number of secrets exposed in public repositories is staggering. With reports in 2021 reaching up to 6 million secrets detected, an increase of 50% from 2020. Secret sprawl is part of every organization, but it is a plague on the open-source world of software development. Even if your organization has a top-notch security-aware culture, human error will inevitably cause secrets to leak and data to be lost or compromised.

With Teleport, Gluu can provide its clients with near-instantaneous access to its open-source software, allowing them to get up and running in minutes. This is a huge benefit for organizations who need to quickly provision their tools in order to start using them. In the past, Gluu has documented many ways that it uses Teleport to provide Gluu clients a gateway for their tools.

Technology has advanced our world in countless ways. Every day we bank, shop, conduct business, and exchange photos and messages with family and friends online. While digital devices and services offer great convenience, they also pose risks to our data and privacy as our offline and online lives converge. In 2021, data breaches reached an all-time high of 1,862, according to the Identity Theft Resource Center (ITRC), a 68% increase over 2020.