The Digital Operational Resilience Act (DORA) is a mandatory EU regulation that aims to unify various information and communications technology (ICT) risk management frameworks into one comprehensive set of guidelines and requirements. ‍ The regulation is built around five pillars that strengthen and facilitate the digital and operational resilience of entities in the finance and insurance sectors.

Collaboration platforms like Atlassian Jira and Atlassian Confluence contain sensitive company and employee data, making them critical targets for cyberattacks. Teams use Jira to track and manage projects, and rely on Confluence as an internal knowledgebase for documentation, company policy guides, team wikis, and more. Atlassian organizations, which provide a centralized place for admins to manage their Atlassian products and users, are also prime targets.

Sensitive data theft is among adversaries’ most common goals. For defenders, data exfiltration can lead to the compromise of customer data, public exposure of trade secrets, and potentially permanent business and reputational damage. Victims of data exfiltration may also face legal issues for non-compliance with data protection laws. This must be a top concern for businesses.

SentinelOne warns that a phishing campaign is targeting high-profile X accounts, including those belonging to US political figures, leading journalists, major technology companies, cryptocurrency organizations, and owners of coveted usernames. “SentinelLABS’ analysis links this activity to a similar operation from last year that successfully compromised multiple accounts to spread scam content with financial objectives,” the researchers write.

My conversation with Cian Geoghegan, Reddit’s Staff CorpTech Systems Engineer, was packed with valuable insights and actionable takeaways for IT teams. Webinar attendees got to hear how Cian's team uses Tines to automate critical IT processes, improve efficiency and reduce manual workloads. Read on to hear, in Cian’s own words, why Reddit chose Tines for their IT orchestration and automation, what improvements they’ve seen so far, and what the future holds.

AI has become both a powerful ally and a formidable weapon in today’s cybersecurity landscape. While AI enables security teams to detect and neutralize threats with unmatched speed and precision, adversaries are equally quick to exploit its potential with increasingly sophisticated and automated attacks. This duality has created an arms race in which organizations must not only adopt AI but continually innovate to stay ahead.

Sensitive data is information that must be protected against unauthorized disclosure. It can be in physical or electronic form and includes PII (Personally identifiable information), PHI (Protected health information), and more. There are three main types of sensitive data that hackers and malicious insiders tend to exploit: personal, business, and classified information.

The US Coast Guard has been urged to improve the cybersecurity infrastructure of the Maritime Transportation System (MTS), which includes ports, waterways, and vessels essential for transporting over $5.4 trillion worth of goods annually.

Guide for Payment Processors SAQ D begins with a major challenge in today’s digital payment landscape. Payment processors must secure payment pages across thousands of merchant websites, far beyond managing a single payment system. Let’s put this in perspective: Real-world example: A payment processor with 10,000 merchants needs to monitor approximately 30,000 payment pages daily. That’s 30,000 potential points of vulnerability requiring constant surveillance.

Leading technically qualified people can be inherently complex and enigmatic. This unique workforce of incredibly smart people requires a different leadership approach than what might commonly be used in many other workforces.