Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Minimize Kubernetes Compliance Audit Heartache

As Kubernetes matures and moves from exploration into production, we on the Styra and Open Policy Agent teams are starting to hear of a new trend. It’s part of any kind of operational lifecycle for many companies and it goes something like this: DevOps: Our Kube environment is performant, secure, and compliant by design! Auditor: K. Walk me through every line of code you typed since time began.

Cybersecurity Trends In The Government Sector

The government sector and all of the agencies that make up this powerful ecosystem play an integral role in global safety and security. Whether considering the U.S. or other countries around the world, cybersecurity tends to be a core factor in national security affairs. As countries increasingly rely on technology to fulfill basic living needs such as getting access to clean water, electricity, and transportation, the risks drastically expand.

CEO Cyber Quiz: What's Your IT Security IQ?

Every business leader understands that, when it comes to cybersecurity, the stakes are extraordinarily high. CEOs tend to take notice when they read headlines about yet another big-name company being victimized by a massive data breach or about industry forecasts suggesting that the annual cost of crime losses and damage will hit $6 trillion by 2021. However, does that mean top business leaders have meticulously prepared their organizations for a virtual worst-case scenario? The short answer: No.

Preparing for an ISO 27001 and 27002 Audit

Getting your certification for ISO 27001 is a complex and time-consuming endeavor. But for many organizations, it’s worth the effort. That’s because ISO 27001 is the international standard for Information Security Management System (ISMS). Being able to say you’re “ISO 27001 certified” tells stakeholders that your organization is serious about protecting the security and privacy of their information.

How to Build a Mature Vulnerability Management Program

The evolution of the cyber threat landscape highlights the emerging need for organizations to strengthen their ability to identify, analyze and evaluate cyber risks before they evolve into full-fledged security incidents. When it comes to cyber risk mitigation, the terms “patch management” and “vulnerability management” are used as if they are interchangeable.

Ask the Experts: How Industrial Organizations Can Strengthen Their Security Posture

Many organizations are still struggling to fill out their digital security workforces. This task isn’t getting any easier with time, either. In a Tripwire-commissioned survey of 336 IT security professionals, four-fifths of respondents told Dimensional Research that they feel it’s gotten more difficult to hire skilled personnel since 2017.

Weekly Cyber Security News 09/08/2019

A selection of this week’s more interesting vulnerability disclosures and cyber security news. While we marvel at the sophisticated attacks, as with most crime, it’s the simple tricks while people have their guard down that get through. Here is a wonderful little article by the folks at SANS on one such example, yes, for most of us we might spot an obvious faked URL but for others or if we’re not paying enough attention one tap and its game over.

Cryptocurrency exchange Binance offers $290,000 bounty to unmask blackmailer

Binance, one of the world’s largest cryptocurrency exchanges, has revealed that it is being blackmailed to the tune of 300 Bitcoin (approximately US $3.5 million) by someone who is threatening to release some 10,000 sensitive photographs of its customers. And in an attempt to identify its blackmailer, Binance has put a 25 Bitcoin (approximately US $290,000) bounty on their head.

Sumo Logic adds Netskope to its Security and Compliance Arsenal

As the worldwide spending on SaaS spending will make up more than half of all public cloud services spending through 2019, it is critical to have end-to-end visibility into threats across your SaaS and on-premise applications. Sumo Logic and Netskope are collaborating on a technical integration that will help joint customers use Sumo Logic to correlate, validate and investigate Netskope alerts into their overall security incident investigation process and understand SaaS application usage patterns.