What does Agile have to do with improving security? A lot! Explore highlights from Agile2024, including technical health, productive meetings, and addressing shadow IT.

In this blog post, Kelsey Sevening, Sr. Manager, Project Management at Tines shares what customers can expect when engaging with our professional services team to help them reach their goals faster. When it comes to investing in professional services, the quality of the experience can vary widely. While some customers might have exceptional experiences and others less so, most find themselves somewhere in the middle.

Ransomware has evolved significantly since its inception. Initially, these attacks were relatively simple: malware would encrypt a victim's files, and the attacker would demand a ransom for the decryption key. However, as cybersecurity measures improved, so did ransomware gangs' tactics. Modern ransomware attacks often involve sophisticated techniques such as data exfiltration, where attackers steal sensitive information before encrypting it.

The world has evolved and the on-going momentum of Cloud and Work-From-Anywhere (WFA) has become unstoppable. CISOs have realized their traditional security architectures, specifically VPNs, are no longer adequate to ensure only authorized users have access to critical resources. This has made the role of CISO ever more important because we now have applications everywhere and people everywhere, leading to increased cyber threats everywhere.

The National Institute of Standards and Technology’s widely used Cybersecurity Framework (NIST CSF) provides organizations with a common language that allows staff at all levels—and at all points in a supply chain—to develop a shared understanding of their cybersecurity capability.

APIs are increasingly becoming the target of choice for attackers. According to the key findings stated in the 2024 Gartner Market Guide for API Protection, "APIs — especially shadow and dormant ones — are causing data breaches among organizations that, on average, exceed the magnitude of other breaches.

On July 24, 2024, an unattributed threat actor distributed a password-protected installer masquerading as an inauthentic Falcon Crash Reporter Installer to a German entity in an unattributed spear-phishing attempt. Subsequent analysis revealed that executing the installer with the threat actor-provided password leads to a novel execution chain in which an agent written to the Mythic command-and-control (C2)1 framework is executed as LLVM Intermediate Representation (IR) bitcode.

Burnout happens when job demands such as workload, time pressure, and difficult clients are high, as well as when job resources, including quality leadership, autonomy and decision authority, recognition, and strong relationships, are lacking. The field of cybersecurity is particularly difficult, but that doesn't mean burnout is inevitable, and it doesn't mean you can't recover after experiencing burnout.