On Thursday, December 9, security researchers published a proof-of-concept exploit code for CVE-2021-44228, a remote code execution vulnerability in Log4j, a Java logging library used in a significant number of internet applications. Also known as Log4Shell, the situation is significant and continues to evolve, and the Cybersecurity and Infrastructure Security Agency is recommending immediate action.

Financial institutions are a rich target for cybercriminals, who scoop up sensitive personal information that allows them to open fake accounts and fraudulent lines of credit. According to research from services firm Accenture and the Ponemon Institute, the average annualized cost of cybercrime to financial institutions exceeds $18 million.

One thing about the world of cybersecurity—it's seldom dull. The variety and creativity of cyberthieves keeps the industry constantly worth watching. November's roster of data breaches is an excellent illustration on that point: a mix of surprising methods, unusual motivations, and one old-fashioned data heist on one of the internet's most tempting targets.

November and December can be particularly stressful for retail organizations—and not just because of the holiday madness. As the volume of transactions ramps up during the holiday season, IT teams must be on high alert for threats buried in a sea of routine activity. But given the exponential growth of ecommerce, they also need to stave off cyber threats.

One of my favorite books is “Endurance: Shackleton's Incredible Voyage” by Alfred Lansing. I encourage you to read it if you haven’t. Here is a brief synopsis of the true-to-life story: In August 1914, polar explorer Ernest Shackleton boarded his ship, the Endurance, and set sail for Antarctica, where he planned to cross the last uncharted continent on foot.

Get ready for upcoming changes to cyber insurance policies. Due to risk associated with the increase in remote work, insurers are more likely to initiate in-depth cybersecurity risk analyses of companies seeking to purchase or renew policies, the Wall Street Journal reports. The adoption of stringent privacy regulations in the United States and abroad could also justify additional scrutiny by insurance companies during the initial underwriting and renewal process.

While data breaches are never good news for any business, they can be especially catastrophic in the financial industry. The sheer amount of sensitive personal data that moves through the average banking institution on a normal day creates a seductive target for cybercriminals and a potential nightmare for security administrators. As a result, finding the right cybersecurity solution that can be tailored to the needs of financial institutions a must.

Arctic Wolf security awareness program experts—who created security awareness programs for Disney, Sony, as well as our Managed Security Awareness solution—recently produced The Complete Security Awareness Plan and Strategy Guide to help you evaluate and elevate your own security awareness program.

October marked a dubious milestone for cybersecurity. A report from the Identity Theft Research Center confirmed that the number of cyber attacks reported through the first nine months of the year exceeded the total recorded for the entirety of 2020. And not by a small margin either—attacks are up 17% in 2021 compared to last year. Clearly, hackers have been busy, as have the cybersecurity experts tasked with mitigating the damage.

This week marks our mid-year kick-off. It’s our all-company meeting that, like Arctic Wolf, gets bigger each year with hundreds of new team members joining us from around the world—many for the first time. With so much new hiring (we’re on pace to nearly double ourselves, again), I’m continually reminded of our Wolf Pack’s talent, dedication, and drive for success, and I’m proud to work alongside these professionals daily.