Due to the increasing frequency and impact of cybersecurity threats, vulnerability management has become a heightened priority for many organizations. While businesses often focus on vulnerability assessments when developing their vulnerability management programs, assessments are only the first step in a holistic cybersecurity threat mitigation strategy. One aspect of vulnerability management that is often overlooked is vulnerability remediation.

The following is derived from the new book, Modern SD-WAN for SASE for Dummies, Netskope Special Edition. Click here to get your complimentary copy. For decades, computer networking has powered our businesses, our communities, and our lives. As computing and the digital world have evolved, enterprise networking has struggled to keep up. Local area networks (LANs) gave way to MPLS WANs and MPLS WANs gave way to SD-WANs. Out with the old, in with the new.

There are many ways to incur technical debt but the broadest reason it both exists and persists is that most applications are old and most software developers are working on new things. In an ideal world, agile organizations would have very little technical debt because they should always return to their code and improve it. But in the real world, the fast pace of continuous rollouts means agile organizations can be especially prone to collecting large amounts of technical debt.

Cybersecurity is a complex and multifaceted arena. However, one element stands out as a crucial aspect in this field—cultivating and maintaining a robust security culture. Often underestimated in conversations, it nonetheless forms the bedrock of a secure environment.

The Saudi Data and Artificial Intelligence Authority (SDAIA) has decided its’ about time to call for the Kingdom of Saudi Arabia’s first data protection law. The Personal Data Protection Law (PDPL), originally included a public consultation component when it was launched by SDAIA in late 2022. Since then, the public consultation was withdrawn, and the draft version of the data protection law augmenting PDPL was issued.

Welcome back to our Overcoming Cybersecurity Headwinds blog series—building on our latest webinar about third party risk with Marc Crudginton, CISO at Howard Hughes Corporation. In our previous blogs, we explored the wisdom of centralizing cyber risk management and automating third-party risk management (TPRM). Today, we will focus on future proofing your TPRM program.

The cloud revolution has firmly taken hold, and businesses of all sizes are adopting cloud-native technologies. This new paradigm has also created newer attack surfaces for cybercriminals, who are eager to exploit known security gaps in cloud environments. Sysdig is collaborating with Docker to deliver a more efficient process for identifying risks and opportunities for accelerated remediation in Docker Scout using runtime insights.

In the tech security scene, we’re always on the lookout for new vulnerabilities, especially when they are already exploited in the wild. The latest zero-day CVE-2023-20269 is hitting Cisco’s Adaptive Security Appliance VPN features. The attack surface scan conducted by IONIX research on a sample of organizations indicates that 13% of these appliances are potentially vulnerable through at least one interface.

Cyberattacks are on the rise around the globe. Recent data suggest that there are 2,200 cyberattacks every day and that the average cost of a data breach is $9.44 million. Of those cyberattacks, 92% are delivered via email in the form of malware and phishing. In 2022 alone, businesses reported 255 million phishing attacks with an average cost of $4.91 million.