Data breaches have become alarmingly frequent and expensive. In 2022, the average incident incurred a massive cost of $4.35 million and, further compounding the associated costs and impacts, took an average of 243 days to identify and an additional 84 days to contain. This figure is expected to climb even higher as regulatory bodies across the globe tighten data protection laws, escalating the financial and reputational stakes of failing to safeguard sensitive information.

When company leaders and managers consider their cybersecurity risks, they too often focus on their vulnerability to external threats only. While state-sponsored attacks, phishing attacks, ransomware, and third-party software infiltration are becoming more prevalent in the current threat landscape, it’s important that those potentialities don’t distract attention from the dangers posed by insider threats.

The US Department of Justice has indicted four Iranian nationals for allegedly launching spear phishing attacks against the US government and defense contractors. In one instance, the hackers compromised over 200,000 employee accounts at a victim organization. “In conducting their hacking campaigns, the group used spearphishing — tricking an email recipient into clicking on a malicious link — to infect victim computers with malware,” the Justice Department said.

There are so many exciting things happening in the AI space currently. One of them is the integration of Microsoft Copilot, a generative AI, with Microsoft 365 applications. This fusion brings Copilot’s capabilities into the suite’s comprehensive office productivity tools to transform daily workloads and enhance productivity efficiency through the automation of mundane tasks, alongside offering insights and analyzing data. Key features include.

We are happy to inform you that BDRSuite has been recognized as the “Channel Partners Preferred Backup Software of the Year” by CyberSEC Global Awards 2024 held at Dubai, UAE. This prestigious award is a testament to our unwavering commitment to delivering innovative data backup and protection solutions to our valued partners and customers.

Offensive security has become a cornerstone strategy for organizations aiming to fortify their defenses against cyber threats. However, before one creates a suitably developed offensive security program, an organization must ensure it is properly scoped. This will ensure the final product is effective, efficient, and aligned with the organization's overall security objectives. Here's a guide to help organizations understand and implement a well-scoped offensive security program.

In July 2023, the U.S. Securities and Exchange Commission (SEC) announced new cybersecurity rules that require publicly traded companies in the U.S. to disclose material cybersecurity incidents within four business days of determining whether the incident is material to the company’s financial performance. SecurityScorecard recently hosted a webinar discussing the implications of the new rules and how compliance, security, and legal experts can elevate their game to meet these new regulations.

While the top concern for healthcare cybersecurity professionals is credential access, the Kroll Threat Intelligence team finds that the healthcare industry is consistently targeted by ransomware groups using a combination of valid credential theft and the exploitation of vulnerabilities. These and other insights are discussed in the new Kroll report, The State of Cyber Defense: Diagnosing Cyber Threats in Healthcare.

A Software Bill of Materials (SBOM) inventories all of the open source components and other third-party libraries within a codebase. Much like IKEA instructions explain which parts are included in the package for your new furniture, an SBOM describes all of the third party components in your codebase. Most SBOMs contain the following information about the make-up of an application: Security vulnerabilities: a key use case for SBOM is understanding the security risks of third party components.

Open-source software security is crucial in today's cloud-native world. Learn about vulnerabilities, dependencies, and tools to improve security in this in-depth blog post.