Lately I’ve been confronted more and more with the notion of holding two opposing ideas at the same time, while being able to accept that they can both be true. This cognitive dissonance surfaced again for me when I was asked to participate in a DeVry University roundtable discussion focused on innovative ways to bridge the talent gap. Spending a virtual lifetime in education, I’m of two minds when it comes to talent and skills.

A digital footprint refers to the collection of traceable data left behind by a person’s unique online activities. Everything from your social media posts to your browsing history to your voter registration leave a trail of data that can be used by businesses and people for a variety of purposes – good or bad.

Numerous risks are inherent in the technologies that all organizations use. These risks have especially become apparent with recent ransomware attacks, which have crippled major infrastructure such as the Colonial Pipeline in the Eastern United States1. This discussion will focus on how GRC, or governance, risk, and compliance can help organizations face and manage the risks that they face.

CrowdStrike is defining the future of cloud security by empowering customers to rapidly understand their cloud risk and to detect, prevent and remediate cloud-focused threats. Today we are announcing a series of new cloud security innovations designed to deliver complete visibility into potential attack paths, from endpoint to cloud, and instantly secure vulnerable cloud workloads across build and runtime.

Privileged Access Management (PAM) is a crucial aspect of any organization's cybersecurity strategy, especially in industries that handle sensitive data, such as health care, finance and government. PAM involves implementing policies, procedures and tools to manage and monitor access to privileged accounts and limit the risk of unauthorized access or misuse. This ensures that only authorized personnel can access critical systems and data, reducing the chances of a security breach.

Cybersecurity is a constant journey, always full of fresh challenges. New threats keep popping up. Endpoint-only solutions are ineffective. And the cybersecurity skills shortage makes it difficult to recruit and retain top talent — especially with the increasing salaries required to be competitive. You may consider a security operations center (SOC), until you find out that operating one in-house is prohibitively expensive and time-consuming.

May often heralds the start of summer — warm weather, long days, and plenty of cybersecurity workers taking much needed time off. Cybercriminals however, are always at their monitors and love to take advantage of times when they know defenses may be down and this month was no different. May saw a wide range of cybercrime, including disruptions of schools and news organizations, a slow-burn in the tech sector, and public negligence from one of the web’s most well-known entities.

Today, development is faster than ever. More apps and code are being written than ever before. There are more third-party dependencies in use to speed development, more containerization, and even code that controls the deployment and configuration of apps and the cloud. To ship quickly, developers need to stay on top of security issues. They want to understand how to build secure applications by getting feedback as they work.

A cybersecurity baseline is an invaluable set of standards for your organization. It helps you understand your security posture, identify security gaps, and meet cybersecurity regulations. The most widely adopted cybersecurity baselines are those recommended by the NIST Cybersecurity Framework, the SANS Top 20 Critical Security Controls, and Shared Assessments (designed for third-party risk management). We covered the specifics of these frameworks in a previous blog.