Working remotely using cloud applications is now the norm for getting things done. But while these shifts offer greater flexibility, they also bring new security challenges. For years, virtual private networks (VPNs) were the go-to solution for securing remote access. But when used at such a large scale, VPNs are inefficient, slowing users down and undoing the productivity gains that come along with remote work. Worse, they expose organizations to unnecessary security risks like lateral movement attacks.

To find out if someone else is using your Social Security number (SSN), you should check your credit reports, review your mySocialSecurity account and be cautious of calls from debt collectors. The idea of a stranger having such sensitive information about your identity can be terrifying. You may even be a victim of the recent data breach in which over 2.9 billion pieces of personal data were stolen from National Public Data.

Once someone knows your IP address, they can determine your approximate location, track your online activity, impersonate you or conduct targeted DDoS attacks. Most cybercriminals will use your IP address to learn more personal information about you through phishing attacks, which can be used to identify and impersonate your internet provider.

Detection as code (DaC) is a methodology that treats threat detection logic and security operations processes as code. It involves applying software engineering best practices to implement and manage detection rules and response runbooks. This approach addresses many of the pain points associated with traditional security operations.

Passwords are bad, and our whole industry is trying to move away from these simple strings granting access to our systems. But change is slow, and adopting newer standards is difficult, even if passwords are deeply problematic. Now, the National Institute of Standards and Technology (NIST) is updating the core standard for authentication – and it adopts the “new school” of password policies.

In today's complicated digital world, cyber threats are always coming at companies. Organizations need to do regular penetration testing to find security holes and evaluate their security stance in order to protect their valuable assets and keep their operations running smoothly. Having a named penetration test point of contact (PTPOC) is a key part of any penetration test that goes well.