Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Managing dependencies is not for the faint of heart. For a single project, you may be able to keep up with dependencies on your own. For software codebases with hundreds of modules, however, even the most seasoned developer will quickly descend into dependency hell. Don’t worry: dependency hell has happened to the best of us! There are some things you can do to keep yourself sane and improve application security.

2023 will be a year of growth within the communication service provider (CSP) market according to new data from A10 Networks’ latest research. Its biannual Global Communication Service Provider Insights report was undertaken to understand the priorities, expectations, and perspectives of senior IT professionals in CSPs across the globe by interviewing 2,750 senior IT professionals in a variety of roles across 21 countries.

While it’s difficult to imagine our business lives without USB devices, each USB connection can pose a serious risk to an organization’s security. Attackers can infect USB devices with malware that attacks your corporate system once a user connects an infected device. Such attacks can damage your infrastructure or machines and result in the theft or compromise of sensitive data.

Midsize and enterprise organizations take notice: the average and median amount of a ransom payment and the median size of the victim organization are on the rise. If you’re at all concerned about ransomware (and you should be), the latest details from ransomware response vendor Coveware’s latest Quarterly Ransomware Report should have your attention.

New data sheds light on how likely your organization will succumb to a ransomware attack, whether you can recover your data, and what’s inhibiting a proper security posture. You have a solid grasp on what your organization’s cybersecurity stance does and does not include. But is it enough to stop today’s ransomware attacks?

The US Federal Trade Commission has issued an alert warning of phishing campaigns that are impersonating PayPal and the MetaMask cryptowallet. “If you got an email that seems to be from MetaMask or PayPal, stop,” the FTC says. “They’re phishing scams. The MetaMask fake says your cryptocurrency wallet is blocked. And, if you don’t act fast, click a link, and update your wallet, they say your crypto will be lost.

A new report highlights the direct connection between how strong your organization’s security stance is and how easy it is to obtain cyber insurance. Like any insurance policy, the insurer has figured out the indicators of risk and includes a form of assessment when considering issuing you a policy. When you want to obtain car insurance, they ask about your driving record, where you live, and even what your credit score is – all to determine how much of a risk you are.

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.

May is Mental Health Awareness Month, and I want to take this time to reflect on something we don’t often talk openly about in the security community: mental health. Nearly half of CISOs turn over every two years. Almost 100% of CISOs report feeling stressed at work, with about two-thirds saying stress issues are compromising their ability to protect their organization, and 100% saying they felt they needed more resources to adequately cope with current IT and security challenges.

Data breaches are an ever-present risk for organizations of all sizes — and the larger the attack surface, the greater the risk. There is growing awareness of the need to manage the attack surface, and reducing the attack surface is an essential component. However, many companies lack full visibility into their real attack surface, making reduction challenging.