In the face of a looming recession, companies are hunting for ways to reduce costs and increase efficiency. The pressure is particularly felt by IT departments. In addition to reducing technology costs and investing as little as possible, they must adapt quickly to evolving user needs. Several reasons have led companies to cut costs recently: Your IT department can be prepared for whatever comes next by selecting the right set of tools based on your needs.

Organizations are increasingly being held liable for breaches of employee data. But employers can take steps to mitigate the likelihood and impact of breaches. Any organization using an electronic payroll and benefits system stores and processes sensitive employee data — which covers just about every organization in operation today. There are many risks related to a cyberattack that compromises employee data, including legal liability, business interruption and reputational damage.

CrowdStrike is defining the future of cloud-native application protection platforms (CNAPP) with CrowdStrike Falcon® Cloud Security. As the industry’s most comprehensive agent-based and agentless cloud security platform, we stop cloud breaches. The 2023 Gartner® Market Guide for CNAPP shares that there are multiple CNAPP offerings in the market that meet the core requirements mentioned in the report. Vendors of these offerings are listed in the report as 26 Representative Vendors.

The need for strong identity security protocols for humans has been a given for years. Your organization likely has multiple layers of controls to ensure that access to sensitive assets is limited to those that need it. But a certain large, global (well…multi-global) organization that comes to mind on this May the Fourth also had layers of human identity controls that adhered to the principles of least privilege.

World Password Day falls on May the 4th this year, or “May the 4th Be With You!” for those who recognize this date as the annual celebration of Star Wars Day. For the 2023 observance of the latter, fans around the world (including myself) will rejoice as Carrie Fisher (aka “Princess Leia”) is honored with a posthumous star on the Hollywood Walk of Fame.

Today, Fireblocks is launching our new Fireblocks Compliance Solutions Suite to streamline and simplify how our customers meet digital asset regulatory requirements, and stay ahead of industry threats. The new suite enables Fireblocks customers to easily integrate transaction monitoring, wallet screening, and Travel Rule compliance into their existing transaction and compliance workflows and approvals.

The most common route for malware infections remains social engineering in its various forms: phishing, vishing, etc. Such approaches take advantage of users’ deliberately cultivated willingness to trust communications they receive and to follow the instructions and links such malicious communications carry.

Walmart’s rise to become the brand most likely to be impersonated in Q1 of this year is a real problem. If you’ve been paying attention to brand impersonation in phishing attacks, you know the premise is to use a brand that a large number of potential victims do business with as a means of both establishing credibility. For many quarters, we continually saw Microsoft and/or Microsoft 365 as the brand of choice due to its wide use.

March saw a huge jump in ransomware compared to January and February, signifying that organizations should expect to see a lot more of these attacks this year. With security solutions getting good at spotting and stopping malware on endpoints and servers, you’d think that ransomware attacks would be dwindling. But, according to the NCC Group’s Cyber Threat Report for March 2023, it feels a lot more like 2023 is going to be a repeat of 2022, but at significantly higher attack levels.

The malwareless and seemingly benign nature of business email compromise emails, mixed with impersonation techniques, are difficult to spot as being malicious, making them even more dangerous. I’ve covered both the threat of business email compromise and response-based email attacks before. How can I not? They are prominent techniques used by phishing scammers everywhere. But it’s the reported combination of the two by Phish Labs that has me concerned.