In 2020, we saw cybersecurity move from a technical problem to become a business enabler. In 2022, we will see 5G go from new technology to a business enabler bringing previously unimaginable use cases because of its high bandwidth and lower latency. Data from the current AT&T Cybersecurity Insights Report shows that 5G technology is being driven by the line of business and has been siloed between IT and OT organizations.
As a developer, I spend a lot of time in my GitHub account. I write apps, little utilities, and proof of concepts for when I am learning something new. I like to think that, because I spend a lot of time on GitHub, the overall health of my account is pretty high.
Malware is continuously mutating, targeting new services and platforms. The Sysdig Security Research team has identified the famous Muhstik Botnet with new behavior, attacking a Kubernetes Pod with the plan to control the Pod and mine cryptocurrency. A WordPress Kubernetes Pod was compromised by the Muhstik worm and added to the botnet. On the Pod has been deployed and executed various types of crypto miners, like xmra64andxmrig64.
Global organizations are working towards making data privacy a fundamental right. However, as the privacy paradigm shifts to a digital world, businesses are more exposed than ever before. That’s because security has not been the focus of this revolution in IT infrastructure.
Last week, we announced v5 of the ThreatQ platform with capabilities needed today to support the security operations center (SOC) of the future. SOCs have been maturing and evolving into detection and response organizations, a transformation that Gartner anticipated back in 2013 and deemed a requirement for this decade. I’m proud that ThreatQuotient has consistently been at the forefront of innovating and delivering what the SOC of the future needs.
Given the large and growing number of cyber attacks that exploit software vulnerabilities, vulnerability management is critical. A variety of unintended consequences can result from misjudging the severity of an existing vulnerability. Legal battles, financial losses, and reputational damage are all possible outcomes for a business. To combat today's modern cyber security challenges, it's critical to have a vulnerability management program in place.
Hardware security modules (HSM) and trusted platform modules (TPM) seemingly do the same thing: they manage secret keys and enable data protection. But what does “managing secrets” mean, and what’s the difference between the two? Before diving deeper, let’s explore why computers need help with managing their secrets.
According to VMware, the first half of 2020 saw a 238% increase in cyberattacks targeting financial institutions. And according to IBM and the Ponemon Institute, the average cost of a data breach in the financial sector in 2021 is $5.72 million. Based on these statistics, if you're in the financial services sector, there's a very high chance that you'll eventually fall victim to a very costly cyberattack.
What is the XDR paradox? It’s the hottest term in security but there is no consensus yet on the right definition. Why is that? Many organizations have deployed EDR and are benefiting from it, but also looking to the gaps that EDR can’t address such as unmanaged / compromised devices or network-centric TTPs. Likewise, many vendors of EDR/SIEM products have realized they have the same general workflow (analyze data, present an alert, triage it, etc).
