The number of data breaches has increased every year for more than a decade. Each incident costs companies time, money and resources to repair while inflicting often-irreparable damage to their brand reputation and customer loyalty. This reality only became more apparent during the recent pandemic as threat actors capitalized on the moment’s disruption and uncertainty to wreak havoc on our digital environments. In 2021, the number of data breaches is already on pace to reach a new record high.

There is a movement in the IT security world that is gaining traction, and it is based around the implementation of security within applications from the beginning. You may have heard buzzwords like “AppSec”, “DevSecOps” and “Shift Left”, but what do they actually mean? What does it take to “Shift Left” when developing a secure application? You can read about dealing with dependencies in our blog post.

Viruses are the hot topic of 2021. We’re not just talking about the COVID-19 virus. Computer viruses, identity theft, and threat actors are no longer just the subject of sci-fi films and crime shows, but a reality of running a business. More than ever, cybersecurity is top of mind for business leaders. Whether you are a Fortune-500 Company or just launching your first venture, no business is too big or too small to escape the realities of today’s cyber threats.

Together, we look forward to helping more global businesses to innovate securely by combining Snyk’s static analysis with Hdiv’s interactive testing capabilities. This will allow these digital-first organizations to continue their rapid pace of innovation while staying secure through comprehensive application security – from code in development to running workloads in production.

While October is famous for National Cybersecurity Awareness Month, and we provide resources and recommendations for our customers, really every month should focus on this business-critical topic. Given the frequency of Ransomware attacks, all industries need to be increasingly vigilant. This includes many aspects of cybersecurity, such as user training, endpoint security, network security, vulnerability management, and detection and response to incidents.

The Tsunami malware is back! Although it appeared for the first time several years ago, the Sysdig Research Team has just discovered a new sample of Tsunami malware targeting Jenkins and Weblogic services deployed in Kubernetes clusters. The Tsunami malware is a backdoor that gives the attackers full control over the infected systems. Indeed the targeted machines, once infected, communicate with an IRC server waiting for new commands to be executed.

As we wrap up Cybersecurity Awareness Month 2021, this week’s theme, Cybersecurity First, is all about making security a priority. To do this, many security operations teams are leaning into threat intelligence to understand specifically where and how to focus their efforts to better protect their organizations.

A recap of my time at the CNCF’s signature conference, KubeCon + CloudNativeCon NA 2021. What an amazing week at the first in-person KubeCon + CloudNativeCon since the pandemic started. This KubeCon set a precedent as one of the first major conferences to bring back an in-person component! The theme this time around was Resilience Realized, and they put this on display at the top of the convention hall.

Managing security is not solely about products and technologies. As a security leader in your company, it is important to consider numerous other factors when you decide to set up a Security Operations Center. A few of the things include - an understanding of the business plan and requirement capability. It also includes the skill set of people who will be part of the Security Operations Center (SOC) for planning the individual and team responsibilities, budget, etc.

Cybersecurity is one of the essential tasks for any business. It’s not just a matter of protecting your company’s data and information from external threats, but also ensuring that it remains robust to internal ones. All three, i.e. people, processes and technology, are your greatest asset. If they are not embedded and managed throughout the organisation, you can expect that they will inadvertently put your sensitive data at risk.