White House memo directs the Defense Department and Intelligence Community to implement its May 2021 Executive Order on improving national cybersecurity.

Enterprise risk management (ERM) can be a challenging endeavor – but a rewarding one, too. While the benefits uncovered by effective ERM don’t always add to the balance sheet directly, they do help a company’s resilience in the face of approaching dangers.

A risk assessment is a crucial first step to develop your company’s risk management program. The assessment process itself begins with identifying all potential risks; determining your “risk universe” is a simple and effective way of defining and categorizing these key risks.

When we hear the word hacking, our minds immediately go to servers, computers and laptops being hacked, but hacking isn’t just for computers, Wi-Fi routers can get hacked as well and are no exception to cyber attacks.

Cyber security (or information security) aims to protect an organisation’s or individual’s assets, be they digital or physical. In digital assets, an individual’s password is the most sensitive and valuable piece of information that cybercriminals can attempt to get their hands on.

The open ports in your hardware could be critical points of vulnerability if the services exposed to them are misconfigured or unpatched. Unfortunately, many organizations are currently exposing their sensitive resources through such malicious connections, heightening the risk of ransomware attacks, supply chain attacks, and data breaches.

A security questionnaire is a set of questions designed to help an organization identify potential cybersecurity weaknesses among its third-party and fourth-party vendors, business partners, and service providers. Organizations use security questionnaires to deliver informed vendor risk assessments. They allow organizations to vet potential vendors and other third parties by ensuring their information security practices and security policies meet both internal and external requirements.

Kubernetes is the popular container orchestration platform developed by Google to manage large-scale containerized applications. Kubernetes manages microservices applications over a distributed cluster of nodes. It is very resilient and supports scaling, rollback, zero downtime, and self-healing containers. The primary aim of Kubernetes is to mask the complexity of overseeing a large fleet of containers.

Are you wondering how to secure your Kubernetes clusters? Do you even know whether your Kubernetes is secure? Kubescape by ARMO might be the tool to help you with those and many other tasks related to Kubernetes security and scanning. Check this video by Viktor Farcic from DevOps Toolkit on Kubescape as he covers the 3 main K8s security areas – While reducing the number of false positives to a minimum and getting help fixing issues.

In the last few days, Linux maintainers disclosed a broadly available Linux kernel vulnerability that enables attackers to escape containers and get full control over the node. To be able to exploit this vulnerability, the attacker needs to be able to run code in the container and the container must have CAP_SYS_ADMIN privileges. Linux kernel and all major distro maintainers have released patches.