Securing your software supply chain is crucial for ensuring the integrity and security of the software you develop and deliver. Here are the top 8 security best practices for a secure software supply chain.

‍ The global economic situation is far from encouraging. The IMF’s World Economic Outlook predicts growth will again fall by 3% in 2024 as central banks continue to fight inflation. Businesses throughout all industries are expected to tighten their budgets for the upcoming year, scrutinizing and slashing spending across departments. ‍ At the same time, recent research reveals that the global cost of cyber attacks is expected to reach $10.5 trillion annually.

As Cybersecurity Awareness Month 2023 draws to a close, we wanted to highlight some tips to keep in mind for the rest of the year, and beyond. In case you’ve missed it, we’ve been running a series of videos on our LinkedIn page throughout the month of October highlighting tips from members of our internal security team on topics like password sharing, keeping personal identifiable information safe, and maintaining good cyber hygiene.

Our team has been hard at work creating updates and new features just for you, see what we’ve been up to over the last month. Beta Release: TrustCloud Third-Party Risk Assessments (TPRA) Managing and assessing vendors shouldn’t bog you down. TrustCloud TPRA helps you prove that your vendors meet your control requirements with less time and effort. Check it out!

In this version of the Hacker’s Playbook Threat Coverage round-up, we are highlighting newly added coverage for several recently discovered or analyzed ransomware and malware variants, including NoEscape ransomware, AvosLocker ransomware, and Retch ransomware, amongst others. SafeBreach customers can select and run these attacks and more from the SafeBreach Hacker’s Playbook™ to ensure coverage against these advanced threats.

You may not recognize the term Identity Threat Detection and Response (ITDR), but this emerging security discipline aims to address an all-too-familiar challenge: managing and securing the massive number of identities – human and machine – across the enterprise.

A compromised account is an account that has been accessed without the owner’s permission. Compromised accounts can happen for a variety of reasons including public data breaches, using weak passwords, failure to enable Multi-Factor Authentication (MFA) on online accounts, falling for phishing scams or having malware unknowingly installed on your device. Continue reading to learn more about compromised accounts and tips to prevent your accounts from being compromised.

In the rapidly evolving digital landscape, artificial intelligence is a two-sided coin. Fraud protection software, like INETCO BullzAI, harnesses artificial intelligence (AI) technologies to offer fraud protection against financial criminals and cyber attackers. Conversely, fraudsters can weaponize the same technology to steal funds. A prominent example of this connection is synthetic identity fraud. This payment fraud vector often employs AI and deepfakes.

In July of this year, the Office of the National Cyber Director (ONCD) stated in its release of an RFI on regulatory harmonization that: “When cybersecurity regulations of the same underlying technology are inconsistent or contradictory—or where they are duplicative but enforced differently by different regulators … consumers pay more, and our national security suffers.” This is an understatement. SecurityScorecard agrees and was happy to share our comments with ONCD today.

In cybersecurity, the terms “trust” and “transparency” are often mentioned. And while they should no doubt be a priority, they can also be difficult to quantify. Good CISOs recognize that transparency in cybersecurity isn’t a one-time effort. It’s a continuous process that involves a near-constant state of evolution. But with the right tools and systems in place, it’s possible to not only measure trust and transparency but improve them as well.