Modern applications are hugely dependent on open-source software. 80 percent of most organizations’ apps and code base is now open source, in some cases more. While this is great for swift development and innovation, it increases the possibility of vulnerabilities arising that bad actors can exploit, and it expands the potential attack surface.

In the digital age, identity theft poses a pervasive threat that organizations, regardless of their size or sector, must relentlessly combat. This insidious form of cybercrime involves the malicious exploitation of sensitive and confidential data, carrying grave implications for any organization. The consequences of a single breach can encompass financial losses, irreparable damage to reputation, and the imposition of regulatory penalties.

Cyber risk quantification (CRQ) can be an invaluable tool. The ability to put a number to cyber risk aids in communicating with board members, planning strategic investments, calculating the return on investment of cybersecurity spending, and right-sizing cybersecurity insurance coverage. However, many organizations avoid taking advantage of CRQ due to some common misconceptions.

Cybercriminals continually evolve their techniques, leading to more successful phishing attacks. Using techniques such as text-based attacks that utilize social engineering and highly targeted spear phishing, bad actors are able to bypass traditional email security and land in their target’s inbox. According to the organizations surveyed for the 2023 Email Security Risk Report, 92% fell victim to phishing attacks.

Johns Hopkins is one of the leading teaching hospitals that serve approximately 500 medical students annually while caring for tens of thousands of patients. The facility has a total of 1091 beds and serves patients in primary care and trauma care, along with several specialties. The facility is located in Baltimore, Maryland, and because it serves so many students and patients, it stores a huge amount of personal and medical data. Some of that data was just released because of a breach.

While cryptocurrencies have been celebrated for their potential to revolutionize finance, their anonymous nature has also been exploited for illicit activities. From drug dealing and arms trafficking to funding terrorism, black market activities have thrived under the cloak of cryptocurrency's pseudonymity. According to a report by Chainalysis in 2023, around $21 billion in crypto transactions were linked to illegal activities.

Microsoft 365 Secure Score is a comprehensive security analytics tool for a single tenant. It uses a score-based approach to provide actionable recommendations to enhance security. However, MSPs should be aware that the scoring process fails to fit the needs of scaling MSPs in terms of business exceptions, managing multiple clients, remediation and alerting, not to mention making an assessment which is independent of MS upselling.

Digital technology is becoming an increasingly essential part of nearly every industry, and supply chains are no exception. In recent years, supply chains have become more dependent on digital solutions, from manufacturing, packing, and shipping processes, to storing records in the cloud. While digital technology increases speed, efficiency, and interconnectivity across industries, this increased complexity can also lead to higher gaps in cybersecurity.

A software bill of materials (SBOM) is a comprehensive, structured inventory of all components, libraries, and dependencies used within a software product or application. It typically includes information about the names, versions, and licensing details of each component.