The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) 1.1 has been a critical reference to help reduce or mitigate cybersecurity threats to Critical Infrastructures. First launched in 2014, it remains the de facto framework to address the cyber threats we have seen. However, with an eye toward addressing more targeted, sophisticated, and coordinated future threats, it was universally acknowledged that NIST CSF 1.1 required updating.

In our interconnected world, the value of data is growing with cyber threats also on the rise. This causes the security and protection of data to become crucial. Organizations have become compelled to adopt strict measures to safeguard their data. Implementing security practices in data protection and encryption ensures the confidentiality, integrity, and availability of the data stored in the cloud.

Environmental sustainability is more important than ever before for organizations across all sectors. Sustainability concerns including geopolitics, future-focused developments, advanced ESG reporting, and building sustainability into supply chains going forward are all significant trends shaping businesses in 2023 and beyond.

Researchers at Cyfirma outline trends in phishing campaigns around the world, finding that Singapore is disproportionately targeted by phishing attacks. Singapore’s position at 5th place “Between 1st January and 1st August, CYFIRMA’s telemetry recorded 410,793 phishing campaigns,” the researchers write.

What do ambulances in the UK, the Norwegian government, and a major Russian bank have in common? They were all victims of successful supply chain attacks in July 2023. Could you be next? It’s more likely than you think. Organizations entrust more sensitive data to vendors and third parties (like government agencies and critical infrastructure operators) than ever as part of their software development and operations.

In today’s cloud-driven landscape, containerized workloads are at the heart of modern applications, driving agility, scalability, and innovation. However, as these workloads become increasingly distributed across multi-cluster, multi-cloud, and hybrid environments, the challenge of securing them grows exponentially. Traditional network security measures designed for static network boundaries are ill-suited for the dynamic nature of containerized applications.

Data. Breach. We see these two words all the time in the news, on social media, and in company emails notifying us that our information might have been affected.

Cloud infrastructures can comprise thousands of interconnected and dynamic resources. This complexity introduces unique challenges to monitoring and securing these architectures. Understanding where user activity originates—and what actions constitute security threats—is a complex task when you’re dealing with the huge volume of logs, metrics, and other telemetry that highly distributed cloud environments generate each day.

In modern web applications, cross-origin resource sharing (CORS) enables secure communication between applications hosted on different origins. Developers use CORS to access other applications’ services within their own. This approach eliminates the need to rewrite features from scratch, accelerating development time and improving the developer experience.

Pharming in cybersecurity is a type of cyberattack that redirects website traffic from a legitimate site to a spoofed site, or fake site, with the intent of stealing sensitive information such as passwords and credit cards. These fake sites look almost identical to legitimate sites and can be difficult to spot – but not impossible. Continue reading to learn how to identify a pharming attack and protect yourself from it.