Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In 2025, risk management has climbed near the top of the CIO agenda—second only to AI adoption, according to the 2025 State of the CIO report. As global enterprises become more dependent on digital infrastructure, the consequences of network outages, misconfigurations, or security breaches have grown exponentially. CIOs, CISOs, and their teams now face the dual challenge of managing risk while enabling innovation.

In the architecture, engineering, and construction (AEC) industry, ensuring seamless access to the latest project documents isn't just critical—it's indispensable. Document mismanagement can lead to costly delays, errors, and miscommunications. To address these challenges, many companies in the built environment rely on Egnyte as a centralised document management platform. Egnyte serves as a single source of truth, enabling teams to access the most up-to-date versions of documents at any time.

The adversary group commonly referred to as Scattered Spider is also tracked as UNC3944, Muddled Libra, Octo Tempest, Starfraud, Scatter Swine, 0ktapus, Roasted 0ktapus, and Storm-0875. Active since at least 2022, this financially motivated group has rapidly gained notoriety for its social engineering campaigns and ransomware attacks, which span multiple sectors.

While NIST frameworks are typically not mandatory for most organizations, they are still being called on to do some heavy lifting to bolster the nation’s cybersecurity defenses. Under the January 2025 Executive Order (EO) on Strengthening and Promoting Innovation in the Nation’s Cybersecurity, the National Institute of Standards and Technology (NIST) was charged, along with several other agencies, with the following tasks.

Keeper’s Endpoint Privilege Manager is an advanced Privileged Elevation and Delegation Management (PEDM) solution that provides secure, just-in-time privileged access across your endpoints, significantly reducing the threat of ransomware, insider threats and data breaches – all without sacrificing productivity or performance.

As more details of the April ransomware attack on UK retailer Marks and Spencer are made public, we are directly witnessing the cascading repercussions that organizations face when victimized by a well-thought-out and properly executed attack. In the specific case of M&S, the UK retailer is dealing with a supply chain attack, as M&S CEO Stewart Machin confirmed in a published report.

Software development is undergoing its biggest shift since the rise of cloud and DevOps. The difference this time? The shift is being driven by artificial intelligence, and it’s moving fast. AI-powered coding tools have rapidly made their way into developer workflows. Agents and LLMs are helping teams move faster, automate more, and build in entirely new ways. But speed often comes with tradeoffs.

Financial market infrastructures (FMIs) form the backbone of the global financial system, playing a vital role in ensuring its safety, efficiency, and overall stability. FMIs—including payment systems, securities settlement systems, central securities depositories (CSDs), central counterparties (CCPs), and trade repositories—are now under growing pressure to evolve.

Around 10:33 UTC, on April 28, 2025, Portugal, Spain, and some regions in the south of France were hit by a nationwide power outage. It impacted business, public transport, healthcare, and the daily lives of millions.

ISO/IEC 23894:2023 is a relatively new international standard focused on AI risk management. It is designed to help organizations manage risks arising from the development, deployment, and use of Artificial Intelligence (AI) systems. While it’s AI-specific, many of its security-related clauses—especially those concerning web applications, APIs, and external-facing systems—apply broadly to ensure AI systems are secure, trustworthy, and resilient.