We have seen great strides in improving security tooling and processes over the past ten years. Via constantly maturing security models, security teams have become increasingly dependent upon an ever-more complex toolchain of products and services. But what happens when these systems fail. How much effort are we putting into planning and maintaining our security solutions to ensure they’re available when issues occur?

2020 is predicted to be an exciting year with more organizations adopting Kubernetes than ever before. As critical workloads with sensitive data migrate to the cloud, we can expect to encounter various Advanced Persistent Threats (APT) targeting that environment.

When it comes to monitoring third-party APIs and web services, what you monitor is as important as how you monitor. Data is useful, but actionable data is where the true value is. Below we've listed the most common and valuable metrics to monitor when relying on third-party API integrations and web services.

With more and more endpoints accessing your network remotely, you should expect rapid increases in VPN connections and usage, as well as exponential usage of cloud-based services. There are numerous Splunk apps that can help you increase the monitoring of remote endpoints but let’s showcase Splunk Security Essentials (SSE).

Right, so now the vast majority of your workforce works remotely. Clearly managing all these inbound VPN connections is on top of mind, but what about other vulnerabilities you should be monitoring for? In addition to the ever increasing number of inbound VPN connections, organizations can expect an increase in the use of SaaS-based collaborative software such as Slack, Dropbox, G Suite, and Trello.

Earlier this week, we shared the Reciprocity response to COVID-19. As the seriousness of this pandemic grows, our thoughts are with all of our employees, customers, and partners who are affected. We want to reiterate that our priority is to uphold our commitment to our customers. We know that many of you are concerned about the impact on your business operations, specifically supply chain issues you might be experiencing or anticipating.

First released in 1996, Control Objectives for Information and Related Technology (COBIT) is a framework developed by the Information Systems Audit and Control Association (ISACA) that can help you create and implement strategies around IT management and IT governance. The COBIT management framework helps you deal with the risks to enterprise IT and the impacts those risks can have on your company, business processes, and IT systems.

As I read Angela Duckworth's GRIT, where she explains that the secret to outstanding achievement is not talent but a unique blend of passion and persistence she calls "grit," I was able to relate the need for this power of passion and perseverance to be a successful cybersecurity professional and more importantly a trusted cybersecurity consultant. It takes a combination of skills, education, and years of work experience.

Every week, dozens of data breaches are reported with some reaching into the tens, or even hundreds of millions of individuals impacted. Customers and regulators alike are increasingly concerned about the information security programs of organizations and how they plan to prevent security incidents and safeguard sensitive data.

There’s an interesting trend that I have personally noticed over the past few years: organizations are starting to take cybersecurity more seriously. With the multitude of high-profile data breaches, organizations are starting to realize that cybersecurity is a significant risk to the business. This allows CISOs and other similar titles with leadership responsibilities to have a larger budget for people, process improvements, and supporting technologies.