Netacea CTO Andy Still was recently joined on the Cybersecurity Sessions podcast by Jonathan Echavarria, an offensive security expert and Enterprise Architect at ReliaQuest. Jonathan shared his perspectives and philosophies around offensive security and what he gained from his time being part of a ‘red team’ at Facebook. Let’s recap some of the insights Andy discussed with Jonathan.

This year, security teams face more challenges — old and new — and grapple with high rates of burnout. Cloud complexity, supply chain attacks and additional obstacles are pushing security teams to the limits, and inspiring new responses. New research points to key strategies that will help organizations weather the complex challenges and attacks ahead.

In the face of this constant disruption, CIOs are supporting the addition, amendment, or strengthening of logistics workflows, supply chains, commercial and service delivery models, partnerships, and geographic footprints. In all of these programmes, CIOs often see cybersecurity as a hurdle—one more challenge to navigate in the path to a successful business outcome.

Today I want to revisit the SEC’s proposed new rules requiring public companies to disclose more about their cybersecurity risks. Those plans would obligate companies to discuss how the board and senior management address cybersecurity risk at a strategic, enterprise level. What’s that all about?

A vulnerability scan is an automated process that identifies vulnerabilities (security holes) in any software, operating system, or network that bad actors can exploit. In essence, it’s an integral component of vulnerability management focused on protecting businesses from breaches and the exposure of sensitive data.

In the past, the attack surface was defined and protected by the boundaries of the organization’s physical network (aka the LAN). Using physical security methods, firewalls, and careful monitoring, organizations kept their data, endpoints, and networks secure. The entire attack surface was internal, within a well-defined and fortified perimeter.

Has your business experienced one of the Top 5 Security Breaches of 2021? Sadly, many have. As businesses become more reliant on technology, the risk of becoming a victim of a data breach only increases. Unfortunately, the United States exceeded the previous record of cyber attacks in a single year. In 2017, we saw a whopping 1,529 data breaches – compared to the 1,862 data breaches we saw last year.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. In this edition, we’ll learn about how a country and global economy is impacted when a cybercrime happens, how every citizen is victimized, and what governments are doing to mitigate this rising issue.

Malware is a surefire knife that hackers and malicious cyber criminals use to attack organizations and corporations. Unfortunately, malware analysis in the current cybersecurity space is lengthy. It might take more than ten years to understand the size and complexity of recurring malware. Besides, detecting and eliminating malware artifacts in the current evolving period isn't enough. Security analysts also need to understand how the malware operates, the motivation, and the goals of the breach.

PCI DSS stands for Payment Card Industry Data Security Standard. This standard is set forth by the PCI Security Standards Council, an organization founded in 2006 by American Express, Discover, JCB International, Mastercard and Visa Inc. The PCI DSS sets security rules for any business that accepts their cards, with the goal of protecting customer credit and debit card data. Any business that accepts any non-cash payments needs to meet the PCI standards.