The attacks are ongoing as of this writing. Here are a few screenshots of data and some insight. I’ll make sure to keep it brief since you have seen this news in various outlets.

In the dynamic landscape of cloud-native cybersecurity, image scanning has become essential to ensuring the safety and integrity of cloud workloads and digital assets. Historically, image scanners focus on finding vulnerabilities (CVEs) that may be the cause of exploits in Kubernetes workloads. However, there’s a significant gap that often goes unnoticed. This gap is the lack of comprehensive scanning for malware, viruses, crypto miners, and other malicious threats.

After a year of cyber attacks making headlines worldwide, many organizations, such as MGM Resorts, Clorox, and T-Mobile, have taken a reputational hit similar to SolarWinds. Sysdig’s 2024 Cloud-Native Security and Usage Report provided some informative key takeaways that CISOs can hone in on to improve their security posture. As a CISO, you do not want to catch your organization on that list; mitigating reputational risk is a part of your job.

We have been fantasising about artificial intelligence for a long time. This obsession materialises in some cultural masterpieces, with movies or books such as 2001: A Space Odyssey, Metropolis, Blade Runner, The Matrix, I, Robot, Westworld, and more. Most raise deep philosophical questions about human nature, but also explore the potential behaviours and ethics of artificial intelligence, usually through a rather pessimistic lens.

Hackers move fast. The cybersecurity industry works hard to move as fast (or faster) than hackers. And regulators work to keep pace. In 2017, the New York Department of Financial Services enacted the sector’s most ambitious set of cybersecurity regulations: 23 NYCRR Part 500. These “Part 500” rules have been updated to reflect the evolving threat landscape, the most recent change (“Amendment 2”) implemented in December 2023 to address emerging cybersecurity needs.

Navigating the line between workplace privacy restrictions and employee rights is getting more complicated as employees shift to hybrid and remote settings. According to Code42’s 2023 Data Exposure Report, data loss caused by business insiders costs companies an average of $16 million per incident. Moreover, 81% of companies believe that hybrid work is one of the main reasons data security training is necessary.

The Digital Operations Resilience Act (DORA) is an EU regulation that comes into force in January 2025, but it also impacts UK companies. DORA’s remit will likely cover any UK financial firm that works with EU customers or does business with EU financial firms.

Cybercrime is quickly becoming one of the biggest threats worldwide, impacting businesses across all sectors. To avoid the risk of a damaging security breach, it's crucial to stay updated on the latest cybersecurity tips and practices. Protecting yourself or your business from cyberattacks can be tough. But there are several cybersecurity tips that can help defend against attacks. We've gathered a list of 25 most effective tips for you to adopt and share with others.

As technology has become available, the hospitality industry has focused on making the most out of innovations such as contactless services and eco-friendly practices. The era of mobile and contactless services has ushered in a new normal for hospitality organizations, offering guests seamless experiences with a simple tap of their smartphones.

Achieving SOC 2 compliance demonstrates to customers that your organization takes data security and privacy seriously. The journey to achieve SOC 2 compliance, however, is not easy. For example, when you perform a preliminary assessment to determine your current state of security, you’re likely to find multiple gaps between that current state and what SOC 2 standards expect you to have. You’ll need to close those gaps to achieve full SOC 2 compliance.