Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As we embark on another holiday season in the United States, we are being told to start our holiday shopping even earlier this year to avoid some of the delays in shipping. These slowdowns stem from a number of factors, including container shortages, Covid-19 outbreaks that backlogged ports, and a dearth of truck drivers and warehouse workers. Even without the shortages and slowdowns, retailers are in for a long holiday season ahead of them as sales are predicted to grow by 7% this holiday season.

Digital transformation was well underway before the pandemic and in order to enable remote work and e-commerce, organizations have been adding new digital offerings at an unprecedented rate. Businesses are growing increasingly reliant on digital infrastructure with the expectation to secure a shifting cloud while managing a hybrid workforce and a growing IoT.

In 2020, we saw cybersecurity move from a technical problem to become a business enabler. In 2022, we will see 5G go from new technology to a business enabler bringing previously unimaginable use cases because of its high bandwidth and lower latency. Data from the current AT&T Cybersecurity Insights Report shows that 5G technology is being driven by the line of business and has been siloed between IT and OT organizations.

As a developer, I spend a lot of time in my GitHub account. I write apps, little utilities, and proof of concepts for when I am learning something new. I like to think that, because I spend a lot of time on GitHub, the overall health of my account is pretty high.

Malware is continuously mutating, targeting new services and platforms. The Sysdig Security Research team has identified the famous Muhstik Botnet with new behavior, attacking a Kubernetes Pod with the plan to control the Pod and mine cryptocurrency. A WordPress Kubernetes Pod was compromised by the Muhstik worm and added to the botnet. On the Pod has been deployed and executed various types of crypto miners, like xmra64andxmrig64.

Global organizations are working towards making data privacy a fundamental right. However, as the privacy paradigm shifts to a digital world, businesses are more exposed than ever before. That’s because security has not been the focus of this revolution in IT infrastructure.

Last week, we announced v5 of the ThreatQ platform with capabilities needed today to support the security operations center (SOC) of the future. SOCs have been maturing and evolving into detection and response organizations, a transformation that Gartner anticipated back in 2013 and deemed a requirement for this decade. I’m proud that ThreatQuotient has consistently been at the forefront of innovating and delivering what the SOC of the future needs.

Arctic Wolf security awareness program experts—who created security awareness programs for Disney, Sony, as well as our Managed Security Awareness solution—recently produced The Complete Security Awareness Plan and Strategy Guide to help you evaluate and elevate your own security awareness program.

Given the large and growing number of cyber attacks that exploit software vulnerabilities, vulnerability management is critical. A variety of unintended consequences can result from misjudging the severity of an existing vulnerability. Legal battles, financial losses, and reputational damage are all possible outcomes for a business. To combat today's modern cyber security challenges, it's critical to have a vulnerability management program in place.

Hardware security modules (HSM) and trusted platform modules (TPM) seemingly do the same thing: they manage secret keys and enable data protection. But what does “managing secrets” mean, and what’s the difference between the two? Before diving deeper, let’s explore why computers need help with managing their secrets.