Our CFO cybersecurity survey has shown that Chief Financial Officers are highly confident in their companies’ abilities to ward off cyber security incidents, despite being somewhat unaware of the cyber vulnerabilities their business faces. Almost 87% of the surveyed executives expressed this confidence, yet 61% of them had suffered at least three significant cyber incidents in the previous 18 months.

Cloud computing has created the most profound shift in information technology in recent memory. Leveraging cloud technology, companies can build, deploy, and scale their applications faster than ever. But the adoption of cloud native tools and processes also brings new security challenges. Between complex cloud infrastructure and the expansion of cloud-based services, malicious actors have access to a bigger attack surface than they did even a few years ago.

As cyberattacks become more sophisticated and frequent, developers and security teams often become overextended in their efforts to protect their software and applications. In an article for Security, Daniel Elkabes, Mend’s vulnerability research team leader, highlights what cybersecurity leaders should invest in now to help set up their teams for the future.

Anyone who has watched the Lockpicking Lawyer realizes that certain locks promoted as the latest-and-greatest aren’t necessarily the most reliable devices for securing physical assets. Like many other security professionals, he seeks to educate consumers and manufacturers on defects in devices and how to improve their security. It reminds me of a quote by Deviant Ollam (security auditor and penetration testing consultant): "Security is achieved through openness.

One of the benefits of a secure access service edge (SASE) framework is that organizations can dramatically simplify the implementation of security services without having to go through constant network redesigns and appliance operating system updates.

Cyber-attacks happen around the clock, far more often than can ever be reported outside of the organizations they affect. But sometimes an attack is so widespread and devastating that it sends shockwaves through the business world and even into the mainstream media. Incidents like SolarWinds and Log4j were front page news, sending organizations scrambling to patch them.

For some time now the Cyberint Research Team has been witnessing attacks targeting China. While most campaigns related to OpChina are focusing on infrastructure and government data breaches, over the past weekend, a major breach of the popular social network TikTok occurred, revealing 1.7 billion records and relations to another popular Chinese app – WeChat. The group taking full responsibility for this breach is none other than the notorious BlueHornet, aka AgainstTheWest, aka APT49.

1Password Business customers can now connect 1Password to Google Workspace to automate provisioning and deprovisioning tasks, saving valuable IT resources and strengthening your security posture in the process.