Cloud security is not only good for consumers — but it’s also a requirement for businesses in many industries. Understanding compliance regulations (like GDPR) and security frameworks (like NIST) can help IT teams create strong, layered privacy and security controls and data loss prevention using a range of platforms and integrations. Here are the most common and comprehensive security standards that businesses need to know to be cloud compliant.

A virtual private network (VPN) is a useful tool that protects your online activity by creating a secure ‘tunnel’ that sits between your device and the site or service you’re trying to access.

At SecurityScorecard, we believe that making the world a safer place means transforming how organizations view cybersecurity. For us, this means that companies must take a holistic approach, protecting systems not just from the inside, but also knowing what an organization’s vulnerabilities look like from the outside-in to see what the hackers are seeing.

Cybersquatting is a form of cyberspace domain name trademark infringement. In a nutshell, Cyber-squatters registered trademarks as domain names, typically selling the names back to the registered trademark owners at a profit.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Way too many awesome articles to include caught my attention this week. These three made it though. When you become popular (OK, perhaps not totally correct) you do tend to attack the attention of those wanting to take a bite. This was perhaps then inevitable.

A CASB (cloud access security broker) is an intermediary between users, an organization, and a cloud environment. CASBs allow organizations to manage cloud security and enforce security policies through a consolidated platform. The term CASB was introduced by Gartner in 2012, defined as “...

Ransomware has quite rightly been one of biggest ongoing stories of 2021 – and not just in the world of cybersecurity. The biggest ransomware cases where major companies have been forced to a halt until they pay a ransom have made global, headline news. The impact to victim organizations is usually financial loss and reputational damage. However, in cases such as the Colonial Pipelines attack, ransomware has caused real-world impacts on the general public too.

Private equity firms understand the threat of cyberattacks all too well, but they don’t always know the best way to proactively address this growing problem. According to a recent report by global consulting firm Deloitte, worldwide private equity assets under management (AUM) are anticipated to reach $5.8 trillion by 2025.

Organizations store high volumes of business-critical information in Amazon S3, such as personally identifiable information (PII), credit card information, secrets & credentials, and more. Identifying and protecting sensitive data in Amazon S3 is increasingly time-consuming, complex, and expensive, especially as your organization takes on more data.

Online travel agencies, more commonly referred to as OTAs, are online booking platforms used to compare prices and book flights, hotels or holiday packages. Well-known OTAs include Expedia, Booking.com and TripAdvisor. While we have seen a significant increase in the use of OTAs for booking travel arrangements in recent years, we have also seen a similar rise in OTA fraud. Total fraud loss to OTAs was predicted to grow by 19% to $25 billion by the year 2020.