Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The people closest to your business can sometimes cause the most damage. Yet while top-secret data leaks are headline news today, most insider threats are well-intentioned people who just screw up.

With the dust now settled and life returning to some semblance of normalcy, we’ve still been ruminating on our week in San Francisco. It was an incredible and busy week, with a lot of top notch sessions, discussions, and of course the bustling expo. We compiled some of our daily thoughts after each full-day at the show, which you can read here, but now with some perspective, we wanted to share our four most memorable takeaways from RSA Conference 2023.

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.

We’ve all seen it in the movies: The chief of security declares that no one could ever steal the “Famous Jewel” because it’s protected by thick glass, an impenetrable system of motion-detecting lasers, and, finally, a weight-sensitive sensor. Cut to the next scene, where a thief, dressed in sleek black, zip-lines from an open skylight, shorts the lasers, scores the glass, and with split-second timing, swaps the jewel for a replica of equal weight.

One set of valid employee credentials can provide an adversary with all they need to log into a business, move laterally, escalate privileges and achieve their goals — whether that’s removing access to accounts, terminating services, destroying data or deleting resources. Identity-based attacks are subtle, but destructive, and organizations must be on high alert for them. CrowdStrike reported 80% of cyberattacks now leverage stolen or compromised credentials.

In Part I of our two-part blog series, we recapped key drivers for ISO 27001 compliance. Now that you know why companies enthusiastically adopt the ISO 27001 standard to improve cybersecurity protection, we will take a deeper technical dive into Egnyte for ISO 27001.

Building a cyber-resilient organization requires more than implementing the best cybersecurity practices. Cybersecurity must be woven into the culture of the organization from the top down. Because 95% of data breaches result from human error, creating a cybersecurity culture can significantly cut down on security breaches by emphasizing the importance of cybersecurity. Cybersecurity is only as strong as its weakest link.

Albertsons is a major grocery chain in the United States. The company is based in Boise, Idaho, and oversees a huge range of different grocery stores throughout the country. Stores like Star Market, Tom Thumb, Acme, Safeway, Vons, Balduccis, Food Lover's Market, Shaw's, Albertsons, and more.

The Cyber Kill Chain is a significant piece of work from Lockheed Martin in 2011. The Chain outlines seven essential points at which an IT team can intercept a cyberattack. Numerous experts took the process a bit further to eight steps: “reconnaissance, weaponization, delivery, exploitation, installation, command and control, actions on the objective, and monetization.”

When a country throws a privacy party, Cloudflare is there! We are proud to be an official sponsor of the Australian Privacy Awareness Week 2023, and we think this year’s theme of “Privacy 101: Back to Basics” is more important now than ever. In recent months, Australians have been hit with the news of massive personal data privacy breaches where millions of Australian citizens' private and sensitive data was compromised, seemingly easily.