Leaders and agents running enterprise help desks today are in a very tough spot. They are tasked with resolving a dramatically increased volume of tickets, yet lack the visibility and tools needed to do so. Overwhelmed and often unable to do their jobs effectively, help desk professionals inevitably fall back on guidelines and rules of thumb that are simplistic and don’t reflect the complexity of a hybrid, digital workforce. Time is then wasted trying remedies that don’t produce results.

This month's product updates and enhancements rollup include Image Similarity Search, BIM File Preview Enhancements, and creating a Draft Document. Below is a summary of these and other new releases. Visit the articles linked below for more details.

As we've covered before, SIEMs are an expensive tool. The average enterprise-level SIEM deployment costs over £15 million a year, and operating a small, 100 to 1000-seat SIEM will still run up bills of over £10k monthly. SIEMs create spiralling costs that eat security budgets. Without a skilled team operating them, they can also make organisations less secure despite receiving more information about their digital estates. But where do these SIEM costs come from?

The Critical Entities Resilience (CER) Directive is a new initiative in the EU that aims to ensure that critical entities providing essential services are effectively managing their network and information security. The CER Directive is part of the EU’s latest effort to build stronger cyber resilience across Europe, alongside NIS2 and the EU Cyber Resilience Act.

One of the best things you can teach yourself, your family, and your organization is how to recognize the common signs of phishing and how to mitigate and appropriately report it. Phishing messages can have many different looks, traits and narratives. What worked yesterday for the attackers eventually becomes blocked, recognized, and less profitable, and they move on to different tactics.

On April 24, 2024, Cisco Talos and several government security agencies published details on a sophisticated threat campaign focused on espionage and gaining unauthorized access to sensitive information from targeted government entities and organizations in critical infrastructure. As part of that publication, Cisco disclosed CVE-2024-20353 and CVE-2024-20359, affecting Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) devices, which were actively exploited in the documented campaign.

After a new zero-day vulnerability is announced, the National Vulnerability Database (NVD) publishes a measure of its severity under the Common Vulnerability Scoring System (CVSS). CVSS scores are a crucial tool for organizations as they give an approximation of the severity of disclosed vulnerabilities.