Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When people hear "supply chain attack," their minds often go to headline-grabbing breaches. But while analysts, CISOs, and journalists dissect those incidents, a more tactical and persistent wave of attacks has been unfolding in parallel; one that's laser-focused on small businesses as the point of entry. This isn't collateral damage. It's by design.

The Health Insurance Portability and Accountability Act (HIPPA) was established to protect patient privacy and secure health information. While it has been around for nearly two decades, it is evolving to keep up with an increasingly digital world and in response to the skyrocketing number of cyber attacks the industry sees every year.

APWG's Q4 2024 Phishing Activity Trends Report, published March 19th, revealed that more than eight in ten Business Email Compromise (BEC) attacks last quarter were sent by attackers favoring Google's free webmail service. By comparison, only 10% used Microsoft's free email web app, Outlook.com.

DDoS attacks have long been dismissed as blunt instruments, favored by script kiddies and hacktivists for their ability to overwhelm and disrupt. But in today's fragmented, hybrid-cloud environments, they've evolved into something far more cunning: a smokescreen. What looks like digital vandalism may actually be a coordinated diversion, engineered to distract defenders from deeper breaches in progress.

According to the NIS Directive, Member States should adopt a common set of baseline security requirements to ensure a minimum level of harmonized security measures across the EU and enhance the overall level of security of operators providing essential services (OES) and digital service providers (DSP). The NIS Directive sets three primary objectives: As part of the NIS series, we have already provided an overview of the Directive, and we have examined in detail the security requirements for DSPs and OES.

Oh dear, what a shame, never mind. Yes, it's hard to feel too much sympathy when a group of cybercriminals who have themselves extorted millions of dollars from innocent victims have found themselves dealing with their own cybersecurity problem. And that's just what has happened to the notorious LockBit ransomware gang, which has been given a taste of its own medicine.

Cybersecurity threats continue to evolve, posing very real risks to organizations, and nowhere is this risk more pronounced than in entities that handle a nation’s critical infrastructure, as these attacks put public health and safety at risk, harm the environment, or disrupt critical services. The Gulf Cooperation Council (GCC) region plays a vital role in the petroleum industry, with Saudi Arabia ranking among the world's top 10 oil producers by daily output.

The cyber workforce gap is one of the most pressing and persistent challenges facing the cybersecurity industry. In 2024, ISC2 found that the gap amounted to 4.8 million people globally, up 19% from the previous year. Both public and private sector organizations – including the UK’s NCSC and the SANS Institute – have introduced countless initiatives in an attempt to close the cyber workforce gap, but it keeps growing. Perhaps the US PIVOTT Act will work better?

The mechanisms and dangers of email phishing are well known, as are the best practices for hardening organizations against it. Its spin-off, called vishing, is nothing new, but it’s both rapidly evolving, and unlike the more mainstream counterpart, too often overlooked by security professionals. According to the CrowdStrike 2025 Global Threat Report, these offbeat attacks saw a 442% increase in the second half of 2024 compared to the first half of the year.

Cyber incidents are always going to be present. Regardless of whether you’re working for a startup or a corporation, malicious software can target you and your business. This is why it’s important to work closely with cybersecurity incident response teams and have such protocols in place. The lifecycle of a cybersecurity incident starts way before it happens with good preparation. However, the right actions should be taken if such a problem unfolds.