The Wall Street Journal recently published an article about using highly-emotionally charged, “controversial”, subjects in simulated phishing tests. Controversial topic examples include fake pay raises, reward gift cards, and free Taylor Swift tickets. The younger half of our team is convinced the latter topic would have completely tricked them.

A new report sheds light on whether CISOs have been the victim of a cyber attacks, if they're every paid a ransom, their greatest cyber concerns, and much more. While most of the reports I cover on this blog are typically surveys of those "in the trenches," we do like to cover analysis of c-suite perspectives. The CISO Report from Splunk provides some interesting insight into experienced cyber attacks and their impact.

As increasing percentages of businesses experience cyberattacks, new data provides details on where the most organizational risk lies. According to U.K. cyber insurer Hiscox’s Cyber Readiness Report 2023, attacks are on the rise: With these increases, how prepared are organizations? According to Hiscox, organizations are spending money on the problem; the median cybersecurity spend is a little over $1.39 million (with enterprises spending $4.9 million).

In the past, passwords alone were considered an effective security measure for protecting user accounts and deterring cybercriminals. Motivated by the increased threat of data breaches and other cyber attacks, the cybersecurity industry has since evolved from relying on passwords to favoring more robust authentication methods, such as multi-factor or two-factor authentication (2FA).

Securing your Kubernetes environment and workloads is paramount in today’s digital landscape. Calico is the industry’s only active security platform with full-stack observability for containers and Kubernetes. Calico prevents, detects, troubleshoots, and automatically mitigates exposure risks of security breaches across multi-cluster, multi-cloud, and hybrid deployments.

This week, threat actors targeted the vital aspects of many companies characterized by their robust cybersecurity. 23andMe got hit early on, suffering demographic and relationship exposures that may target Ashkenazi Jews and Chinese descendants. The D.C. Board of Elections was also targeted, potentially exposing the voter information of 600,000+ individuals. Flagstar Bank and Air Europa also suffered, leaking the payment information of their trusting consumers.

Mobile app security refers to the measures, protocols, and practices implemented to protect a mobile application, its data, and its users from unauthorized access, data breaches, vulnerabilities, and cyberattacks. This includes implementing encryption, authentication, access controls, secure coding practices, and regular security assessments to mitigate specific threats and risks to the mobile app and its ecosystem.

Top tips is a weekly column where we highlight what’s trending in the tech world today and list out ways to explore these trends. This week we’re looking at five ways you can protect your IT infrastructure against ransomware attacks. Every year, the month of October is observed as Cybersecurity Awareness Month. This year, we wanted to dedicate a special entry in our top tips column to one of the fastest-growing digital economies in the world: the Middle East.

A SIEM system (Security Information and Event Management) is often used by security operations centers (SOCs) for real-time detection of suspicious activity and security events. While some teams choose to adopt a purpose-built SIEM, others rely on the same DevOps tools they are already using for tasks like troubleshooting and operational log data analysis.