In business and life, getting the timing and the team right is half the battle.

A few months ago, a popular cybersecurity news organization posted an urgent notice on social media seeking help to recover their data after their blog was deleted. They announced that they had no backups and they were desperately trying to contact the site administrator to restore their blog collection. This was as maddening as it was embarrassing for the same reasons.

The AT&T Cybersecurity team’s unwavering focus on managing risk while maximizing customer experience earns high marks from security experts and customers alike. The team garnered some well-earned official recognition of the quality of flexible services they run with the announcement that AT&T won the highest distinction Gold Award in four different service categories of the 2022 Cybersecurity Excellence Awards.

Spring is a good time to do some cleaning; put away winter clothes and ski gear, open windows and let spring breezes clear out the dust that gathered through the winter. But it’s also a good time for IT and cybersecurity teams to “spring clean” their security postures as well. Below we share 10 quick and easy ways to “clean up” your cybersecurity practices and adapt to the security threats we face daily.

When cloud first emerged as a new operational model for IT, its low total cost of ownership (TCO) was a topline selling point. Yet today, when considering moving security into the cloud, many worry that it will drive up costs, or at the very least demand an upfront investment that will be hard to justify in the mid-term. The reality is that cloud-native Security Service Edge (SSE) capabilities deliver a strong return of investment (ROI) with a low TCO.

As developers, we all have our morning startup routine: make coffee, check Slack/Discord/email, read the latest news. One thing I do as part of my daily startup routine is check the Snyk Vulnerability Database for the latest open source vulnerabilities. It’s been especially interesting to see the types of exploits and vulnerabilities that appear in different ecosystems.

Interest in digital twin technology is on the rise, likely driven by the pressure placed on IT teams to ensure that their networks are predictable, agile, and secure. Network and security operations teams are actively investigating how implementing a digital twin can help their teams become more proactive and provide confidence that the network will behave as expected, even in the face of constant change.

Cloud-native and open-source technologies are booming. But for a successful cloud expansion, IT decision-makers and developers need to be in agreement despite their unique roles in the process. As more enterprises transition to cloud-native environments, the big question is how aligned are IT decision-makers and developers?

In December 2021, the cybersecurity industry was made aware of CVE-2021-44228, known as Log4Shell, a novel vulnerability in a commonly found software component called Java Log4j. Arctic Wolf extensively covered the Log4Shell vulnerability and gave updates as it got involved.

Two vulnerabilities affecting different Spring projects were identified this week. Here’s what you need to know about Spring4Shell and CVE-2022-22963. The Internet is buzzing with talk about two separate vulnerabilities related to different Spring projects. The two are not related, but have been confused because both vulnerabilities were disclosed at nearly the same time.