No single organization is prepared to stop an attack from a nation-state Not so long ago, I woke up every morning focused on one thing: finding and exploiting vulnerabilities. During my 10 years working for the U.S. National Security Agency (NSA), my single objective was to identify and exploit networks to collect foreign intelligence. I was fortunate to work alongside the world’s best professional vulnerability and exploit developers. My time serving my government was formative and humbling.

Distributing malware through a. ZIP file isn’t anything new, so threat actors are using a new tactic in response to tightening cybersecurity measures across the globe. While most people know not to open an unexpected attachment, these malicious files are starting to pop up in email threads with trusted friends and colleagues — this makes them very easy to fall for.

Modern healthcare is amazing. Hundreds of people, devices, and gigabytes of data are all harmonized to save lives and keep people healthy. Unfortunately, the very pieces that help keep us well provide a perfect hunting ground for threat actors. Threat actors are attracted to the data rich environments in healthcare organizations.

Picture this: unfortunately you had to let one of your engineers go. No matter how many times you tried to tell them, after countless interventions and meetings with the engineering lead, they simply wouldn’t stop using tabs instead of spaces. An absolutely unforgivable offense. A few weeks later, suddenly your production Snowflake database is wiped out. You log on to assess the damages and you check the SNOWFLAKE.ACCOUNT_USAGE.QUERY_HISTORY for every user in the system.

The concept of storing sensitive data in the cloud was once seen as ludicrous. Now, businesses are moving into cloud security at an exponential rate with the promise of larger storage space, lower costs, and improved performance. However, with such great benefits come severe risks.

The only constant you can count on in technology is change. From microprocessors to PCs to smartphones to software, technology continues to become faster, smarter, and more sophisticated. But make no mistake: what’s changed the most in the world of technology over the past few decades is the hacker. Hackers are highly motivated to stay ahead of the latest security trends. It’s how they keep from getting caught, and how they keep the fun and profit rolling.

If the past several years of technology advancements, pandemic adjustments, and increased cyber threats has taught us anything, it’s that data security and governance are the responsibility of the entire corporate team. Of course, the primary responsibility rests with the executives and the CISO or security team they’ve empowered, but the scope and scale of protecting critical data assets is too large for any single business unit to tackle.

We’d like to think of our coworkers as trusted team members, collaborating on a shared mission to make positive contributions to the well being of the company. For the most part, this is true, but we must also recognize that our coworkers are individuals who may conduct themselves in ways that are detrimental to the company.

Snyk has officially launched Snyk Training, a free online resource to help developers and security teams learn how to implement, configure, and use Snyk on their own. The initial content in Snyk Training focuses on three learning needs: The platform is an easy way for teams to get an introduction to Snyk tools and user best practices. Most courses take between 3 and 10 minutes, and have been described by a customer as, a “very good overview on how to get started with the Snyk journey!”

Having a plan to back up your data is one of the most important processes to protect the data in the event of a cyber attack. Should a malware or ransomware attack occur, you can boot a saved backup and restore your data to its previous state. Some organizations might use cloud-based solutions like Google Drive or Dropbox, while others prefer to keep their backups on an external hard drive. However, to ensure total data security, your backup strategy should include multiple solutions.