The Sarbanes-Oxley Act (SOX) establishes requirements for the integrity of the source data used in financial transactions and reporting. In particular, auditors are looking at regulated data residing in databases connected to enterprise applications. To prove the integrity of financial data, companies must extend audit processes to the financial information stored within corporate databases.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. With money in some form being the objective of most attacks, it comes as a bit of a shock and much (cynical) suspicion when a recent ransomware group donated some of their haul to charity….

This week Netskope hosted our annual executive briefing with the US Embassy in London, converted, in common with many events this year, into an online webinar. We wanted to take the opportunity to consider what impact this year’s unprecedented changes and uncertainty were having on the cybersecurity landscape.

This is a clash of virtualization titans: one virtual machine, the other a containerization technology. In reality, both are complementary technologies—as hardware virtualization and containerization each have their distinct qualities and can be used in tandem for combinatorial benefits. Let’s take a look at each to find out how they stack up against each other, as well as how the two can be used in tandem for achieving maximum agility.

As cybersecurity threats evolve, companies must adapt and rethink their security strategies. This means moving away from traditional technologies and towards new cybersecurity frameworks. One such framework is the NIST cybersecurity framework, which comprises five major functions: These five functions are the pillars of a well-rounded and effective cybersecurity strategy that is designed to improve a company’s capacity to counteract threats.

In our previous blog we covered the first 10 of the NSA vulnerabilities currently targeted by Chinese hackers, here the remaining ones, again demonstrating the predictive power of our risk based vulnerability management tool Farsight

In June, one research study found that the pandemic caused just over 40% of the entire US workforce to work from home full-time. Many businesses made the quick decision to allow employees to work remotely, scrambling to provide IT resources and remote-work tools on the fly. Now, many enterprises are doubling down and allowing employees to work from home for the foreseeable future.

Initially, Security Information and Event Management (SIEM) solutions were readily adopted because of their capability to provide actionable insights into the deep corners of an organization’s network. Legacy SIEM systems helped in understanding when and where security incidents are happening in real-time. Soon enough, these SIEM systems faced an avalanche of false positives, and they required a dedicated team to filter out irrelevant alerts.

There’s no question that cybercrimes are a growing problem for businesses in the United States. A cyberattack can cost a business about $200,000 on average. Sadly, many businesses that are targeted cannot recover from the financial effects of a cyberattack. In fact, it’s estimated that 60% of targeted companies go out of business within six months of the attack.

Businesses want to connect to their users and meet them where they are. One growing way to communicate to them is through text messages including providing coupons, recent news, and other marketing materials. When these marketing efforts are unwanted by the customer, this is when they cross the line into the SPAM category. SPAM has taken many forms throughout history such as junk mail in your mailbox and robocalls.