The banking and financial sector is known for its dependence on third-party vendors that help provide customers with quality financial products and services. It is one of the most interconnected sectors, making it one of the most vulnerable to cyberattacks. And because third parties operate through the banks they are contracted with, any losses are the bank's responsibility.
In this blog post, we will discuss the first step in creating a successful IR plan: preparation. This step is crucial to an Incident Response Plan because it prepares your business to react when targeted by a cyber attack. This blog highlights the importance of the Preparation step and why it's vital for businesses.
Cyber threats to elections in the U.S. and abroad remain at an elevated level and continue to evolve. It’s appropriate and encouraging to see continued growth and investment in cybersecurity efforts within elections communities. As a longstanding leader in defending elections globally, CrowdStrike understands the importance of these efforts and we want to do our part to help raise and sustain awareness.
CrowdStrike has identified a new cryptojacking campaign targeting vulnerable Docker and Kubernetes infrastructure. Called “Kiss-a-dog,” the campaign targets Docker and Kubernetes infrastructure using an obscure domain from the payload, container escape attempt and anonymized “dog” mining pools.
MITRE is a world-renowned research organization that aims to help build a safer world. It is probably best known in the information security industry for being the organization behind the industry-standard CVE (Common Vulnerabilities and Exposures) list. Each entry on the list is supposed to include an explanation of how the vulnerability could be exploited. These attack vectors are tracked and defined in another well-known knowledge base called ATT&CK, which is also maintained by MITRE.
The FedRAMP PMO recently announced, in draft format, new rules for how contractors will need to comply with the Federal Risk and Authorization Management Program (FedRAMP) Authorization Boundary rules. This is a big deal because FedRAMP compliance is mandatory for any company that wants to do business with the federal government.
We previously covered the basics of FedRAMP by simply asking “What is FedRAMP?” This time, we’re going to talk about how you can get approved as a FedRAMP Cloud Service Provider (CSP). We’ll talk about some of the advantages of being FedRAMP authorized. We’ll also discuss FedRAMP compliance versus certification to understand the difference. Additionally, we will define terms you will need to know during your FedRAMP journey.