Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The efficiency, security, and scalability of cloud operations are driving financial institutions’ adoption of the technology faster than ever before. The ability to meet customers where they want to transact, personalize solutions, and leverage new data and analytics solutions (including AI) on-demand is driving this growth. In fact, according to Accenture, the banking industry's workloads in the cloud more than doubled from 2021 to 2022.

In today’s ever changing cyber risk landscape, your organization must adopt a vulnerability management framework to control exposure and remediate risks in a timely manner. In an earlier blog, we explained the vulnerability management process. Here, we explore a key part of that process – vulnerability monitoring – in greater depth.

Cloud computing has made its way to organizations’ IT infrastructure strategy rapidly over the past few years. In particular, Canadian businesses are showing an increased adoption. This article decodes how Canada’s IT infrastructure shaped up in the last decade, why data sovereignty is now a hot topic, and what the future holds for the cloud. While on-premises IT infrastructure continues to be relevant even today, both SMBs and enterprises are now embracing the cloud more than ever.

Against the backdrop of the growing frequency and severity of cyber attacks against enterprises, proposed new regulations from The Securities and Exchange Commission (SEC) are set to require publicly traded companies in the U.S. to analyze how cyber risk could affect financial statements. ‍

Another supply chain attack requires an urgent response from security teams.

In the second part of our breaking down the Elastic Global Threat Report series, we’re focusing on the credential access tactic, which was the third-most common category of behavior we observed. Roughly 10% of all techniques we saw involved one form of credential theft or another and dissecting this class of behaviors is helpful both to improve our understanding of threats and to better understand enterprise risks.

Picture yourself, a threat hunter using Splunk, and the words "workflow action" are uttered by your helpful security Splunker... Workflow actions make you a faster and more effective security analyst. They allow you to skip the laborious steps of logging into various websites to do your job and just get straight to business.

In the ever-changing world of IoT, early adopters of this technology, including many medical and manufacturing organizations, are finding that the devices they so heavily invested in are now less secure than ever. You might think that the only solution is to replace existing technology with new greenfield devices, but is there a way to extend the life of existing equipment, minimizing the cost of new technology and the overall impact your corporation has on the environment?

Threat groups intending to cause widespread damage often opt to use a supply chain attack, as seen in the massive supply chain compromise that struck VOIP software provider 3CX on March 29. Trustwave SpiderLabs has issued a blog detailing the attack and upcoming steps to mitigate the problem. Striking an organization's supply chain simplifies the attack process by eliminating the need to strike multiple targets by instead focusing on breaching one organization that is key to many others.