In 2020, the world was hit with an unexpected pandemic that changed much of life as many had come to know it. Virtually overnight, masks were required, employees were working remotely, children were home from school, and businesses were locked down to stop the spread of Covid19. In reading the news and social media the term “The New Normal” has taken front and center as the image that is being promoted.

Another day, another supply chain attack. No sooner did we recover from the SolarWinds breach, than we found ourselves reeling from a new ClickStudio attack. That’s why we’ve decided to launch this new series, fondly named The Source, to provide you with the latest news and updates on supply chain security. On this installment of ‘The Source’, get to know the red hot supply chain attack methods du jour.

As organizations continue to rely on software for core business processes, application security is an ever-critical consideration. Snyk recently held a roundtable with Reddit to discuss application security in 2021. In this post, we’ll recap the discussion between Guy Podjarny, President & Co-Founder of Snyk, and Spencer Koch, Security Wizard at Reddit.

The Solarwinds supply chain attack has made the danger of third-party breaches very clear. Businesses globally are realizing that their vendors may not be as secure as they originally thought. The concerning truth about vendor relationships is that you can never be confident of a prospective vendor's cybersecurity. In fact, onboarding new third-party vendors increase your digital risk and the likelihood of becoming victim to a third-party breach.

The Biden administration said it’s drafting an executive order to help the United States government better defend itself against digital supply chain attacks.

Cyber security experts weigh in on what we’ve learned about President Biden’s cyber security strategy in his first 100 days in office. President Joe Biden declared in mid-December, more than a month before he took office, that cyber security would be a “top priority” of his administration. It should be. The digital world, as we are all now reminded daily, has a direct impact on the real world, for better and worse.

Clop Ransomware has been active since 2019 and has been mostly associated with financially-driven criminal groups. However, lately this ransomware payload has been observed in campaigns against universities and other institutions in the education vertical.

Data privacy has been a hot topic in the tech world for years now. With every new technology come new regulations that require companies to completely re-examine the way they handle private data. Most companies already have a basic data privacy policy they constructed alongside lawyers and tech experts to avoid facing serious fines and penalties. However, compliance isn’t just about focusing on current regulations and meeting the bare minimum requirement to avoid legal consequences.