The advent of connected devices has brought about significant change in the technology industry. We all accept that data is power – the more we know about our devices and users, the more effectively we can serve their needs. The integration of connected devices has transformed several industries, including healthcare, transportation, and manufacturing.

If cyber threats feel like faceless intruders, you’re only considering a fraction of the risk. Insider threats pose a challenge for organizations, often catching them by surprise as they focus on securing the perimeter. There is a bright side, however. Understanding the threat landscape and developing a security plan will help you to mitigate risk and prevent cyber incidents. When designing your strategy, be sure to account for insider threats.

We know that managing SSL/TLS certificates across hundreds – or even thousands – of Internet-facing assets is often a manual job for most security teams. Certificates that have expired, for example, offer an excellent opportunity for malicious actors to execute a variety of hacks (in some instances, even a MITM attack) and can also put sites at risk of becoming inaccessible. We’re excited to share that automated SSL/TLS certificate assessments are now a part of Surface Monitoring.

Artificial intelligence has arguably overstayed its welcome as a buzzword in the technology realm, leading to debates around the efficacy of the tool and definition of the term for the better part of two decades. But in the world of cybersecurity, businesses are just beginning to reap the benefits of advanced machine learning models that can actually keep up with ever-changing threats from cybercriminals with nothing but time on their hands to break algorithm-based defenses.

On March 29, researchers from two security companies identified an active campaign originating from a modified version of a legitimate, signed application: 3CXDesktopApp, a popular voice and video conferencing software. 3CXDesktopApp is developed by 3CX, a business communications software company. According to its website, 3CX has 600,000 client organizations and 12 million daily users.

It's no surprise that organizations are moving to the cloud to innovate — to meet the growing demands of their customers and digital transformation. Organizations want to build applications that are fast and scalable. They want to make use of the latest cloud-native capabilities like containers, orchestrators, microservices, APIs, and declarative infrastructure. However, this also means security in the cloud cannot be an afterthought.

Security AI usage has surged, and enterprises are reaping the benefits. In its 2022 Cost of a Data Breach Report, IBM found that organizations deploying security AI and automation incurred $3.05 million less on average in breach costs – the biggest cost saver found in the study. According to the study, organizations using security AI and automation detected and contained breaches faster. However, while leveraging AI clearly makes a difference, organizations must implement the right architecture.

There are never enough hours in the day to do everything. I think we all have a to-do list that is at least twice as long as the time available to complete it. To cope, we prioritize what’s “on fire” or what has the most potential to immediately cause damage if it’s not taken care of. Often the things we “should” focus on fall to the wayside as they are outshined by what we must do immediately.

Majestic Care is a nursing home company that has more than 20 locations throughout Indiana. The organization serves elderly patients all over the state and manages a great deal of medical and financial information as a result. That's why it's so upsetting to hear that one of the company's 20 locations was hit by a cyber attack that resulted in the loss of data. If you or one of your loved ones uses the Middletown location, you may have lost important data and could be at risk.

In security, there are always tensions; the balancing act between security, convenience, and functionality. While these three, often competing interests cause many people to become frustrated, there are some simple steps that can ease the security struggle.