Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week lets explore the concept of security service edge (SSE) and why it was removed from the secure access service edge (SASE) in the recent Gartner Magic Quadrant.

Modern applications log vast amounts of personal and business information that should not be accessible to external sources. Organizations face the difficult task of securing and storing this sensitive data in order to protect their customers and remain compliant. But there is often a lack of visibility into the sensitive data that application services are logging, especially in large-scale environments, and the requirements for handling it can vary across industries and regions.

Here’s a scenario that was unlikely just two years ago: permanently telecommuting from Honolulu to your financial job on Wall Street. Fast forward to today, the world has accepted that productivity is just as feasible from the beach as it is from a skyscraper. In fact, according to Upwork, nearly 5 million people in the U.S. have moved because of remote work since 2020 with another 19 million planning to do so.

The Cyber Security Breaches Survey helps to inform government policy on cyber security. As well as exploring processes and approaches to cyber security within a range of different organisations, the survey also looks at the varying types of cyber-attacks they face and their responses. In this blog post, we outline some of the main findings of the 2022 survey.

Every security professional dreads “The Phone Call.” The one at 2 a.m. where the tired voice of a security analyst on the other end of the line shares information that is soon drowned out by your heart thumping in your ears. Your mind races. There are so many things to do, so many people to contact. You jump out of bed. For a moment, you stare into the mirror longing for yesterday — when your network hadn’t been breached.

As the digital world continues to rebuild after the Log4j hurricane, the threat landscape is once again disturbed by the rumbling of an approaching zero-day storm. After barely recovering from a zero-day dubbed as the worst hack ever encountered, concerns are understandably heightened, and as a result, there are many misconceptions about the severity of Spring4Shell.

NEWPORT BEACH, CA — April 22, 2022. Ekran System Inc., a recognized vendor of insider risk management software, has been listed as a Representative Vendor in the Gartner 2022 Market Guide for Insider Risk Management Solutions.1 The guide aims to help security and risk management leaders understand and implement a comprehensive insider risk management (IRM) program.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Normally cloud backup is a good thing; only when it’s not….

In our new threat briefing report, Forescout’s Vedere Labs describes how it analyzed files and tools used by an affiliate of the ALPHV ransomware group during an attack. ALPHV, also known as Black Cat, is a Ransomware-as-a-Service gang that was first discovered in November 2021.

Modern software companies often provide many things at once. Their reach extends beyond a single product or service — and their security tools must match this pace. Our own Steve Kinman (Field CISO, Snyk) and Adrian Guevara (Head of Cybersecurity, Willowtree) recently held a roundtable discussion on the challenges hypergrowth organizations face with implementing code security in a rapidly moving space.