Workplace collaboration has been steadily evolving from sharing of information through simple email attachments to more sophisticated cloud-based applications sharing. In the business world, where every organization is garnering unique business practices to gain a competitive edge, data is the king. This means that data has to be shared between organizations, where both mutually benefit. Access to the right information adds clarity and helps in faster decision-making.

Any organization with data assets is a possible target for an attacker. Hackers use various forms of advanced cyberattack techniques to obtain valuable company data; in fact, a study by the University of Maryland showed that a cyberattack takes place every 39 seconds, or 2,244 times a day on average. This number has increased exponentially since the COVID-19 pandemic forced most employees to work remotely, and drastically increased the attack surface of organizations around the world.

ESG research on cyber risk management, which involved 340 cybersecurity professionals, revealed that 40 percent felt tracking patch and vulnerability management over time was their biggest challenge.

Image source Business technology generally advances on a rapid basis, however, so do the cyberthreats that can endanger your security. According to BusinessWire, more than half of enterprises believe that their security cannot keep up, and according to IBM News Room, more than half of organizations with cybersecurity incident response plans fail to test them.

To keep up with the pace of the modern world, organizations are constantly looking for ways to release software faster than their competitors. This “need for speed” has led many organizations to adopt DevSecOps. With DevSecOps, security is moved earlier in the software lifecycle, into the realm of developers. As a result of the changing development landscape, application security testing has also been evolving.

As Marcus Hutchins was on his way home to the UK after attending Def Con and Black Hat in Las Vegas, NV, the FBI arrested him. This event sparked immediate internet outcry, especially among the cybersecurity community, as Hutchins was better known as MalwareTech and had just made cybersecurity fame by stopping the WannaCry ransomware outbreak a few months prior. So, why did the FBI arrest a newly famous cybersecurity expert?

Ransomware today is a billion-dollar industry. It’s crippled industries like healthcare. In 2017, for instance, WannaCry brought much of the United Kingdom’s National Health Service to its knees using the EternalBlue exploit. It was just a few weeks later when the NotPetya ransomware strain leveraged that same vulnerability to attack lots of industries.

The NIST 800-53 standard offers solid guidance for how organizations should select and maintain customized security and privacy controls for their information systems. NIST SP 800-53 Revision 5 is one of many compliance documents you need to familiarize yourself with if you are working with information technology. This post breaks it down for you into digestible pieces that emphasize the standard’s practical meaning and application.

As the pharmaceutical industry seeks to improve health outcomes globally, a critical area of investment is increasing participant diversity. We know that gender, age, and race have profound effects on the way pharmaceuticals are metabolized. That is why the FDA has been encouraging diversity in clinical trials for years, although without mandate nor incentive. The burden has largely fallen on industry groups to work out the how.

Cloud security. Cloud architecture. Cloud storage. As you start scaling your business, you know “the cloud” is an important element of your IT capabilities. But, it can be a little confusing to understand the ins and outs of “the cloud” — especially when it comes to using cloud-based tools for your company to work remotely. Before we get into private vs public clouds, let’s quickly establish what we mean by cloud computing.