In September 2021, Tripwire released its annual report to examine the actions taken by the U.S. federal government to improve cybersecurity. The report also looks at non-government organizations so that we may catch a glimpse of the differing views and approaches of each, which makes for interesting (and revealing) insights.

“Have you tried shutting it off and turning it back on?” While AIOps won’t likely remove this query from our vocabulary any time soon, technology is certainly here to take on a bulk of the heavy lifting. For all-sized companies, service calls are still going to continue to pour in. And, there’s no sign of any of the world’s CompTIA certs going to waste in the near future. Still, thanks to AIOps, many jobs within the world of IT will become more streamlined.

Properly closing out construction projects can be a major administrative hassle that takes time away from more productive tasks. Not only do you have to identify and retain your contracts, warranties, and proof of completions, but you also must remove team members who no longer require access to systems and folders. It’s typically a very manual process—but it doesn’t have to be.

Gmail is an immensely popular service, with nearly 2 billion active accounts. And as the service has grown, businesses have turned to it for all kinds of things it was never meant to do: user authentication, password recovery, and perhaps most problematic, the passing of sensitive or regulated data between parties.

Nightfall is a data security vendor that integrates with our customers’ third party applications (Slack, Google Drive, Github, Jira etc) to, on a continuous real-time basis, scan all content being added to these applications for sensitive data.

Aaron McCray, Ignyte’s Chief Operating Officer, is giving a brief overview of the changes to CMMC 2.0, and more specifically its Practice levels vs Maturity levels in the video below. Aaron is a commercial risk management leader by trade and a Commander in the U.S. Navy Reserves.

CIOs are remaking the IT function — no longer will security and developer teams be siloed. Recent survey data from 451 Research, part of S&P Global Market Intelligence, and published by Elastic shows a major shift in who is using application security tools, suggesting that DevSecOps is not just an idea, but a growing reality for IT decision makers. IT decision-makers allocated application security tools to 48% of development teams in 2020, compared to just 29% in 2015.

There’s only one thing that’s certain in cybersecurity: The cyberthreat landscape is constantly changing, and the tools and solutions we have at our disposal to combat cybercrime must continue evolving if we are to stay ahead of — or at least keep up with — them. As 2021 winds down, the Devo security team is already looking ahead to the most pressing cybersecurity trends likely to appear in 2022. Here are my top three predictions for the new year.

The shift to an online-first world, accelerated by the Covid-19 pandemic, has made more consumers choose to shop online than ever before. In 2020, more than 100 million US customers shopped online during the Black Friday weekend, resulting in a 22% increase in online spending. Netacea was interested in how people shopped online, and whether they experienced any Black Friday issues in 2021.

At midnight last Thursday, we experienced one of the most notable infosec events in years. A new zero-day exploit in a popular logging package for Java, Log4j, was discovered. The exact origin and timeline are still being investigated, but it’s important to note that this was not just a vulnerability announcement. The information disclosed was rapidly followed by fully functional exploit code—and the exploit itself turned out to be trivial to execute.