The number of endpoints in an organization often exceeds the number of employees. Managing these often disparate entities is more than a full-time job. Moreover, keeping them secure is equally difficult, yet securing all of your endpoints against cyber threats has become paramount for organizations worldwide. A common oversight that undermines these security efforts is the misconception about data volume versus the necessity for comprehensive data collection.

The NIST Artificial Intelligence Risk Management Framework (AI RMF) is a recent framework developed by The National Institute of Standards and Technology (NIST) to guide organizations across all sectors in the use of artificial intelligence (AI) and its systems. As AI continues to become implemented in nearly every sector — from healthcare to finance to national defense — it also brings new risks and concerns with it.

IT professionals are the people who Make Work Happen™ throughout their organization — so it’s important they have the right tools at their fingertips. We believe that the best tools are those that can adapt to meet their needs as they evolve. This ethos drives the continual investment in the JumpCloud platform based on regular user input and feedback. As we’ve collected and acted upon customer feedback over the last couple of years, the JumpCloud platform has grown significantly.

It’s vital to have a common understanding and shared context for complex technical topics. The previously adopted perimeter model of security has become outdated and inadequate. Zero Trust (ZT) is the current security model being designed and deployed across the US federal government. It’s important to point out that ZT is not a security solution itself. Instead, it’s a security methodology and framework that assumes threats exist both inside and outside of an environment.

CrowdStrike Falcon Next-Gen SIEM, the definitive AI-native platform for detecting, investigating and hunting down threats, enables advanced detection of ransomware targeting VMware ESXi environments. CrowdStrike has observed numerous eCrime actors exploiting ESXi infrastructure to encrypt virtual machine volumes from the hypervisor to deploy ransomware in organizations. Access to ESXi infrastructure typically takes place as part of lateral movement.

In the first quarter of every year, organizations around the world release reports summing up data breach trends from the previous twelve months. And every year, these reports say broadly the same thing: data breach numbers have gone up again. This year is no different. Or is it?

LEEDS, UK, 15th April 2024 - Pentest People, the Penetration Testing as a Service (PTaaS®) and cybersecurity experts, today announces it is the first Leeds-based cybersecurity company to become a qualified and approved Cyber Advisor (Cyber Essentials) on the NCSC’s Cyber Advisor scheme.

On Friday April 12, Palo Alto disclosed that some versions of PAN-OS are not only vulnerable to remote code execution, but that the vulnerability has been actively exploited to install backdoors on Palo Alto firewalls. A patch is expected to be available on April 14th. The advisory from Palo Alto is here. Palo Alto has marked this vulnerability as critical and NVD has scored it a 10.0 with CVSSv3. Wallarm currently detects attacks against this vulnerability with no additional configuration required.

This is Part 7 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The full series can be found here. Far too many organizations place Data Loss Prevention (DLP) and Data Protection at the bottom of their priority list due to the perceived difficulty in its deployment. When there are in fact some easy approaches to getting started with protecting your data.

Today’s SOC analysts are drowning in myriad notifications. They’re trying to parse what’s real, what matters, and what’s a genuine threat to the organization. This exhausting daily routine is significantly contributing to job dissatisfaction and the high turnover rate in SecOps teams. But there’s a major new innovation that solves it: AI-driven hyperautomation.