Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

They say character isn’t gained in a crisis; it’s displayed in one. By the time the disaster hits, the time for preparation has passed. But what if you could go through that earth-shattering event beforehand so when the time came, you’d be ready? Well, in security, you can. And it's not called cheating – it's called Red Teaming.

Kubernetes “crossed the adoption chasm” in 2021 after 5.6 million developers used it to orchestrate their containers, according to the Cloud Native Computing Federation (CNCF). The annual CNCF survey recorded that an impressive 96% of organizations were either contemplating or outright using Kubernetes. However, Kubernetes becomes more appealing to hackers and malefactors as it becomes more popular.

Organizations must constantly adapt to the challenges of maintaining compliance while handling data. Nowhere is that more apparent than cross-border data protection, which allows data to be and remain protected across jurisdictions, states, counties, and countries with the right data security tools. According to the United Nations, 137 of 197 of its members have data and privacy legislation in place.

In the vast realm of digital investigations, there exists a fascinating technique known as recycle bin forensics. Delving into the depths of this captivating field unveils a world where seemingly deleted files can still reveal their secrets, allowing digital detectives to reconstruct user activities and uncover valuable information. So, let's embark on a journey to demystify recycle bin forensics and understand its role in the realm of cybersecurity.

The persistent shortage of skilled cybersecurity professionals which grew by 26.2% over the past year, coupled with the fact that global cyberattacks increased 38% in 2022, means organizations are increasingly looking to security automation to help the cybersecurity teams keep pace. In fact, 98% of respondents to our “2022 State of Cybersecurity Automation Adoption” survey say they have increased their automation budgets.

US state and local government agencies continue to contend with a dizzyingly complex IT environment, which includes data silos, tool sprawl, rising cyber threats, and limited availability of cybersecurity experts. In response, many state CISOs are exploring a “whole-of-state” cybersecurity strategy, which aims to bolster their state’s security through centralization and collaboration.

Progress has recently raised concerns about multiple vulnerabilities in their MOVEit Transfer secure managed file transfer solution. These vulnerabilities have been publicly disclosed within the past several weeks, and the most recent one was reported on June 15, 2023. Notably, the latest vulnerability is claimed to be a zero-day SQL injection vulnerability. If exploited by an attacker, these vulnerabilities can lead to unauthorized access to the MOVEit Transfer database.

Granting users with authorization to access sensitive business information means that you rely on them to adopt cybersecurity best practices. This trust is violated when a disgruntled employee acts maliciously and leaks sensitive information. What’s more concerning — the same violation is also possible when users unwittingly fall prey to social engineering attacks, zero-day exploits or vulnerabilities that remain unpatched in your IT networks.

When pursuing success in business or other endeavors, two key concepts play a crucial role: process and practice. While some argue that process and practice are interchangeable, in reality, they're vastly different. But how do we use process and practice to become more efficient and successful? Is one of them more crucial than the other? Can you do one without the other? To answer these questions, we’ll dive deeper into process and practice and how to apply both.

There is no downside for an organization to have a security awareness program in place. It may not be 100% effective in stopping workers from making an error and causing a cyber incident, but like any preventative endeavor such a program can reduce the possibility of a disastrous cyber incident from occurring. An organization’s staff is on the front line when it comes to defending their place of work. Kind of a human firewall, if you will.