A recent CNCF-sponsored Kubernetes security audit uncovered CVE-2019-11246, a high-severity vulnerability affecting the command-line kubectl tool. If exploited, it could lead to a directory traversal, allowing a malicious container to replace or create files on a user’s workstation. This vulnerability stemmed from an incomplete fix of a previously disclosed vulnerability (CVE-2019-1002101). Are you vulnerable?

With the commercialization of cybercrime, malware variations continue to increase at an alarming rate, and this is putting many a defender on their back foot. Malware analysis — the basis for understanding the inner workings and intentions of malicious programs — has grown into a complex mix of technologies in data science and human interpretation. This has made the cost of maintaining a malware analysis program generally out of reach for the average organization.

Due to the revolution of the internet, cyber-attacks on unsecured networks are increasing tremendously and organizations are on the verge of data breaches. Securing proprietary information, Personally Identifiable Information (PII), or any other sensitive data have become a daunting task. Preventing business disruption, information theft, and reputational loss is necessary to thrive and survive in the competitive industry.

What’s happened? British Airways is facing a record fine of £183 million, after its systems were breached by hackers last year and the personal and payment card information of around 500,000 customers were stolen. 183 million quid!? That sounds huge! Yes, it’s the biggest fine ever handed out by the UK’s Information Commissioner’s Office (ICO).

Compliance with the Payment Card Industry Data Security Standard (PCI DSS) and its 281 directives can be a time-consuming hassle. Fortunately, there are ways to minimize your PCI DSS scope, saving time and resources for your organization and auditor, and ratcheting down your stress levels. Larger organizations—those processing more than 1 million credit-card transactions annually—may need two years to reach initial PCI DSS compliance.

Level Setting on Tech Companies Let’s start by defining what a technology company is. Think hardware, software, and technology service companies who are creating a form of technology that others can purchase and utilize. Some of the biggest and most popular players in this space that may come to mind include Facebook, Microsoft, IBM and Google. These companies provide pure technology to their consumers for a price. Though common, the sector is not limited to these types of companies either.

Cyber security may be about to become more than AOB for organisational boards across the country. British Airways has been struck with a record-breaking £183-million fine as a result of its data breach last year in which around 500,000 customers had their data stolen, including credit card and CVV numbers.

Ransomware attacks increased by 105% in the first quarter of 2019, according to Beazley’s tally of insurance claims and data analytics. Other alarming reports show that new variants of Ransomware keep appearing almost every month. In addition, two years after the WannaCry Ransomware attacks, 1.7 million computers still remain at risk in 2019 according to TechCrunch. Fortunately, there are cybersecurity solutions that can protect your data during file transfer and file storage.

Speed and security. Old-fashioned thinking contended that the two were incompatible; that high-velocity development and deployment of apps and software services invariably introduced higher levels of risk. However, it has become increasingly apparent that speed is a necessary aspect of security. The stakes are sky-high, with some estimates projecting that the annual cost of cybercrime losses and damage will reach $6 trillion by 2021.

An industry that is worth more than $2 billion, SIEM keeps growing and evolving. The first instances of SIEMs appeared as descendants of numerous security technologies: LSM, SIM, SLM/SEM, SEC and such. The earliest versions were so limited that they were barely able to scale across large companies and were rather slow. They also needed huge teams to manage thus raising the costs ever-higher. However, SIEMs have changed greatly since.