In 2016, an article in the Harvard Business Review called out organizations that focused on external cybersecurity threats while ignoring the threats originating from within — and rightly so. Today, about 66 percent of organizations believe that malicious insider attacks are more likely than external attacks. This points to a growing (and welcome) awareness of internal cybersecurity threats.

Given the countless cyber threats facing organizations these days, security has become one of the most pressing issues on the executive mind. Yet when we talk about cybersecurity, we rarely focus on security vulnerabilities and how patching those vulnerabilities is crucial for a cybersecurity program. So what is vulnerability patching, exactly? A vulnerability is a flaw that cybercriminals can exploit to gain unauthorized access or to perform unauthorized actions on a computer system.

Cybersecurity threats have proliferated for years, and that shows no sign of stopping. One estimate, for example, is that damages due to cybercrime will hit $10.5 trillion by 2025. One especially pernicious threat gaining new popularity: fileless malware. Fileless malware attacks are particularly dangerous because, unlike traditional malware, they involve no files to scan — and therefore are harder to detect by conventional endpoint protection tools.

In an article posted on the organization’s website, the Center for Strategic and International Studies (CISI.org) reported that, as of January 2019, the United States had 314,000 more available cybersecurity positions than it had trained professionals available to fill them. That was an increase of over 50% since 2015.

Creating a cyber-resilient organization means understanding your security risks and how to mitigate them. However, the cybersecurity risk’s continuously shifting nature makes it challenging for organizations to choose the right risk assessment strategy. By understanding the types of risk assessments and how to use them, you can make better-informed decisions.

AT&T Alien Labs™ has discovered a new campaign by threat group TeamTNT that is targeting multiple operating systems and applications. The campaign uses multiple shell/batch scripts, new open source tools, a cryptocurrency miner, the TeamTNT IRC bot, and more.

Amazon EKS Anywhere is a new deployment option for Amazon Elastic Kubernetes Service that lets you create and operate Kubernetes clusters on-premises. With it, you can run containerized workloads in whatever location best serves your business. Carefully considering what’s needed for security will help you reduce risk and safeguard against potential threats.

1Password has been a remote company since we started more than 15 years ago. We’ve worked hard to build and maintain a remote culture, as we grew, that places value on a healthy work-life balance, transparent communication, and trust. That’s why we’re thrilled to announce that we’ve been included in Quartz’s Best Companies for Remote Workers 2021.