Economic pressures have been leading to greater budget scrutiny and justification of resources for cybersecurity teams. Boards are asking harder questions around cyber risk and exposure. Not only are CISOs working hard to justify and measure their program, they’ve had to become more data-driven in the way they align investments towards company outcomes and business objectives.

Data is among the most valuable assets for companies, making it a prime target for malicious actors. Ransomware attacks that seize data and demand a price for its return have become a significant concern for businesses and individuals. According to the Verizon 2024 Data Breach Investigations Report, about one-third of all breaches involved ransomware or another extortion technique. Here’s everything you need to know about ransomware and how to prevent a successful attack.

A vital component of any cybersecurity strategy is robust identity and access management (commonly known by the IAM acronym). This article explains the core elements of an effective IAM implementation and their benefits. Then, it takes a deeper dive into one of those components, role-based access control (RBAC). Finally, it offers a modern IAM tool to consider that can support your organization in adopting a Zero Trust security model.

Cybersecurity is no longer optional but essential for UK businesses of all sizes. Cyber Essentials, a government-backed scheme run by the IASME consortium, offers a robust framework to protect your organisation from the growing threat of cyber attacks. But what exactly is the cost of Cyber Essentials certification, and how can you budget for this crucial investment?

In the ever-evolving landscape of cybersecurity, organizations face a growing number of sophisticated threats. To stay ahead, they must leverage advanced threat intelligence solutions that allow organizations to not only provide comprehensive insights but also empower them to act swiftly and decisively against a wide variety of threats and vulnerabilities. Enter ThreatQuotient, a leading player in the digital threat intelligence management space.

In 2023, Amazon Prime Day totaled $12.9 billion in sales in only 48 hours. With limited-time deals, many Amazon users get ready to shop during Prime Day and scammers use this to their advantage. As you get ready to shop, it’s important to be aware of the scams that take place before, during and after this event. Some common scams to look out for during Amazon Prime Day include phishing scams, spoofed Amazon websites and deals from other websites that seem too good to be true.

On July 8th, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the United States Cybersecurity and Infrastructure Security Agency (CISA), the United States National Security Agency (NSA), the United States Federal Bureau of Investigation (FBI) along with several international partners issued an urgent advisory outlining a People’s Republic of China (PRC) state-sponsored cyber group targeting Australian and U.S. enterprises.

The rapid rise of low-code and no-code platforms has democratized application development, enabling even non-technical business users to swiftly create critical business applications. However, this accessibility brings new security challenges, particularly with the integration of AI technologies such as copilots, which are used to automate tasks and enhance functionality within these platforms. Zenity enhances the security of these AI-integrated environments by managing and securing AI copilots.

Jay Jacobs and I recently delivered an RSA presentation called Quantifying the Probability of Flaws in Open Source. Since many people didn’t get a chance to see it, I thought I’d summarize some of the findings here for posterity. The question we investigated was simple, at least conceptually: what are the red flags of an open-source repository? Are there characteristics of a given open source library that would reliably indicate it was safer than others?