As 2024 continues forward, Australia and New Zealand’s critical infrastructure sectors face significant cybersecurity challenges. Critical infrastructure (CI) sectors–encompassing energy, healthcare, transportation, water, and communication–are at a pivotal moment in their evolution. The rapid digitisation of these sectors brings not only unprecedented efficiency and connectivity but also a significantly expanded attack surface.

Dependency management is a broad topic encompassing, among other things, keeping an inventory of dependencies, removing unused dependencies, and fixing conflicts between dependencies. In this article, we will focus on one large part of software dependency management that devs can do easily and with great results: updating dependencies.

Trust and transparency are key to winning customers today. Customers and prospects of all sizes need to know how you’ll protect their data before they can do business with you — which often leads to lengthy questionnaires, long security reviews, and stretched sales cycles as they work to understand your security posture.

The massive increase in cloud adoption has driven adversaries to focus their efforts on cloud environments — a shift that led to cloud intrusions increasing by 75% in 2023, emphasizing the need for stronger cloud security. Larger scale leads to larger risk. As organizations increase their quantity of cloud assets, their attack surface grows. Each asset brings its own set of security concerns.

The FBI has issued a warning to US retailers about a financially-motivated malicious hacking ring that has been targeting employees with phishing attacks in an attempt to create fraudulent gift cards. Staff at the corporate offices of US retail companies have been the target of highly-sophisticated email phishing and SMS phishing ("smishing") attacks. These attacks attempt to gain access to employee accounts, IT systems, and cloud services used by the company.

In a move to harness the transformative power of artificial intelligence (AI) while mitigating associated risks, the Executive Office of the President has issued a landmark memorandum directing federal agencies to advance AI governance, innovation, and risk management. Spearheaded by Shalanda D. Young, the memorandum underscores the importance of responsible AI development in safeguarding the rights and safety of the public.

On May 8, 2024, Ascension Healthcare notified business partners of suspicious activity detected within their systems. They have launched investigations and are actively working on remediation efforts. Consequently, some systems will experience interruptions during this process, such as clinical operations. Ascension is currently working with Mandiant to investigate the compromise and whether sensitive data was affected, if at all.

Vendor Risk Assessment processes form the core of a Vendor Risk Management program. As such, the efficiency of a VRM program is ultimately dependent on the design of its risk assessment processes. This post guides you through the design of an efficient vendor risk assessment framework in six steps. By implementing this framework, you can establish an efficient risk assessment workflow built upon a scalable process foundation. Learn how UpGuard streamlines vendor risk assessments >

Continuous threat exposure management (CTEM) is a formal program to manage cyber risk that allows organizations to enhance and optimize their overall cybersecurity posture. As outlined by Gartner, CTEM offers a cyclical approach to finding and mitigating threat exposure—which is the accessibility and exploitability of digital and physical assets—in an ongoing, proactive, and prioritized way.

Retail and hospitality businesses prioritize delivering exceptional customer service and growing revenue. Just as their mission relies on a service-oriented staff and quality products, it also requires secure and reliable connectivity. A high performing and secure network enables retailers to offer consistent and positive consumer interactions across online and physical stores around the world.