In a recent webinar, SecurityScorecard hosted Justin Herring, Executive Deputy Superintendent, Cybersecurity Division of the New York Department of Financial Services (DFS), and Luke Dembosky, Partner and Co-Chair of the Data Strategy & Security practice at Debevoise & Plimpton, to discuss DFS’s top cybersecurity priorities this year, current enforcement and to examine trends, and the regulatory environment around cybersecurity in 2022.

I am excited to share that SecurityScorecard is now formally a member of the Information Technology Sector Coordinating Council (IT-SCC). Established in 2006, the IT SCC is the principal entity for coordinating with the government on a wide range of critical infrastructure protection activities and cybersecurity issues.

One of the greatest challenges in cloud environments today is to ensure rapid development cycles while keeping up with security vulnerabilities. Sysdig and Snyk announced today a partnership to deliver integrated code to container runtime security that eliminates up to 95% of vulnerability alert noise, optimizes remediation, and protects runtime. Developers can be fast with security barriers removed, and yet without sacrificing security.

Ransomware continued to be the most significant cybersecurity threat facing critical infrastructure, healthcare, defense, and other industries, according to a report issued jointly on February 9 by law enforcement and cybersecurity agencies from the United States, United Kingdom, and Australia.

For the past 20 years, I’ve served as CISO for companies across different sectors. In this role, I have shouldered responsibility for protecting each organization from a wide swath of rapidly developing cybersecurity threats. I have also learned firsthand how much stress security leaders face day-to-day. Recent conversations with my peers have shown stress in cybersecurity is an industry-wide problem. The CISO role is one of the most stressful in any organization.

Kubernetes is an API-centric orchestration platform. Every request, from the cluster components to users interacting with the system, has to go through the API server. The API server is a component in the control plane, and acts as a gatekeeper for the operation requests originating from both inside and outside of the cluster.

Hosting the Olympics is always a source of national pride for any nation chosen to do so. Whether in winter or summer, the prestige of the world’s eyes being on an event that transcends political differences and has sport at the fore is a prize many countries and regions aspire to achieve. This all sounds fantastic and at one level is exactly what is happening at the 2022 Winter Olympics.

Being a sysadmin is definitely not for the average human being. You have to always be ready to help people, fight hackers, use tech gadgets … actually, a sysadmin’s typical day sounds a lot like the life of a superhero! But even superheroes have a dark side. We asked our sysadmin community to share some naughty things they’ve ever done — or keep doing. Naturally, their responses will remain anonymous due to the delicacy of the topic!

We are pleased to announce that we’ve recently attained Cyber Essentials certification with the NCSC in addition to our existing compliance with PCI DSS, SOC 2 & ISO 27001. The NCSC (National Cyber Security Centre) is the UK authority for monitoring cybersecurity incidents, conducting threat assessments and acts as an overarching technical authority for mitigating cyber threats.

In a recent episode of the Cybersecurity Sessions podcast, Netacea CTO Andy Still quizzed Beacon CTO Stewart Boutcher about ‘artificial engagement’, a term Stewart has championed as a member of the Data and Marketing Association North Council. Artificial engagement refers to fake clicks and impressions generated by bots on ad networks, costing marketeers huge chunks of their digital advertising budgets.