Australian organizations find themselves navigating a minefield of supply chain risks, with a surge in incidents stemming from multi-party breaches. These breaches are often caused by vulnerabilities in cloud or software providers and are emerging as a challenge that demands attention and proactive strategies. From July to December 2023, 483 data breaches were reported to the Australian Information Commissioner (OAIC), up 19% from 407 between January and June of the same year.

The demand for innovative threat detection and intelligence approaches is more pressing than ever. One such paradigm-shifting technology gaining prominence is Federated Learning (FL). This emerging concept harnesses the power of collaborative intelligence, allowing disparate entities to pool their insights without compromising sensitive data.

Any time the television news presents a story about cybersecurity, there is always a video of a large data center with thousands of blinking lights. Even most cybersecurity blogs will include an image of many lights on the front panels of servers, routers, and other hardware. However, most people don’t notice that the lights are usually green or some shade of blue. Rarely are those lights yellow or red, signaling a problem.

An affiliate of the LockBit ransomware gang has been sentenced to almost four years in jail after earlier pleading guilty to charges of cyber extortion and weapons charges. 34-year-old Mikhail Vasiliev, who has dual Russian and Canadian nationality, was arrested in 2022 as part of a multinational law enforcement investigation into LockBit that started in March 2020.

Protecting sensitive data and other assets requires an organization to be adaptable and stay informed on things like the digital landscape and threat trends. While some aspects of security are within an organization’s control, it can be extremely difficult to manage all of the risks and vulnerabilities that are likely to arise. Security configuration management (SCM) is one way to take control of many of the facets of cybersecurity that are often overlooked or difficult to handle.

Using security tools to monitor activities on IP based endpoints and the resulting changes that occur pose one of the most formidable challenges to security and regulatory compliance efforts, thanks to its potential to disrupt established security measures and protocols. Compliance frameworks, such as PCI DSS and NIST 800-53/SI-7, require organizations in every sector to maintain a consistent and secure environment to meet regulatory standards. Integrity is a foundational piece of this puzzle.

Historically, cyber-attacks were labor-intensive, meticulously planned, and needed extensive manual research. However, with the advent of AI, threat actors have harnessed their capabilities to orchestrate attacks with exceptional efficiency and potency. This technological shift enables them to execute more sophisticated, harder-to-detect attacks at scale.

If you have been optimistically daydreaming that losses attributed to cybercrime might have reduced in the last year, it's time to wake up. The FBI's latest annual Internet Crime Complaint Center (IC3) report has just been published and makes for some grim reading. According to the IC3 report, online fraud hit record losses in 2023, with the American public reporting US $12.5 billion, a 22% increase from the year before. However, this only counts reported crimes to the FBI.

In 2024, transformation is reshaping industries, and the financial sector stands at a crucial juncture. The Softcat Business Tech Priorities Report, a comprehensive survey encompassing over 4,000 customers across various sectors, sheds light on this transformation. Significantly, cybersecurity has emerged as the paramount concern for financial institutions for the second consecutive year.