Sometimes I forget to marvel at what we, as an industry, have built in the past 30 years. I have this little device in my pocket, and a slightly larger version on my nightstand. With either one, I can video chat with a friend in the UK, access my medical records, or check in for a vet appointment. I can track my workouts or reserve a table at my favorite restaurant.

New research shows organizations are significantly increasing efforts to secure their supply chains in response to software supply chain attacks like Log4Shell, SolarWinds, and Kaseya. Today, the Enterprise Strategy Group (ESG) released “Walking the Line: GitOps and Shift Left Security,” a multiclient developer security research report examining the current state of application security.

We measure and test things that are important in our lives, from credit scores to blood pressure. For cybersecurity, testing threat protection defenses is an expected benchmark. Netskope recently completed a set of anti-malware tests with AV-TEST, an independent anti-malware testing lab based in Germany with one of the world’s largest databases of malware samples. Every second, AV-TEST discovers four to five new malware variants.

As manufacturers dash headlong into smart factory initiatives, the number of IoT devices operating in factories, warehouses, and across supply chain infrastructure is exploding. Manufacturers seek to utilize IoT in a range of places, be it video camera inspection devices on the assembly line, temperature sensors on refrigeration units, or maintenance telemetry sensors on factory equipment.

“Automation” has become a buzzword in cybersecurity circles. That’s not surprising in an environment where security specialists are in short supply and under intense pressure to defend the business against a huge variety of threats from innumerable different sources. Using technology to do at least some of the work seems like a no-brainer. Nevertheless, it seems that organizations are finding it hard to get the right approach to cybersecurity automation.

Can you name the top cybersecurity risks for banking and investment? Most would probably list cyber attacks like phishing, credential theft, DDoS, and maybe ransomware. But would it surprise you to learn that there is something on the list that many in the banking and investment industry forget–and that’s client-side cybersecurity threats. You know the kind…the ones related to jQuery, cross-site scripting (XSS), JavaScript injections, formjacking, etc.

Insider threat incidents have increased by 44% over the past two years, and the cost of an incident now tops $15.3 million, according to the 2022 Cost of Insider Threats report from Ponemon. To defend against this pressing security — and business — risk, organizations need a comprehensive insider threat detection strategy. This article provides extensive guidance to help you get started building an effective program.

‘Measure the Real Cost of Cybersecurity Protection’, by Gartner® analysts Stewart Buchanan, Paul Proctor and Bryan Hayes, is available for a complimentary download from the Netacea website until 31st August 2022. We think the report teaches how to use outcome-driven metrics to set protection-level agreements (PLAs), gaining business stakeholder support and the budget approval needed to deliver them.

On behalf of the entire Snyk community, I am excited to share that Forbes has named Snyk to the Forbes Cloud 100 list for the third consecutive year, coming in at #20 — which is 19 spots higher than last year! The full list was unveiled this morning.

One of the things I’ve grown accustomed to as a developer is fiddling around with new languages or frameworks I find interesting. So naturally, working with our partners to launch Snyk Apps is right in my wheelhouse. At work and on my own time, I enjoy trying to build something that others might find interesting or useful. As a Jira user myself, I decided to take a look at Atlassian’s Forge platform and see what I could do with it.