In October 2023, Okta, a leading provider of identity and access management (IAM) solutions, experienced a data breach affecting its customer support system. This incident raised serious concerns about the security of sensitive information entrusted to Okta by its customers and partners.

Top tips is a weekly column where we highlight what’s trending in the tech world today and list ways to explore these trends. This week, we’re looking at some of the cybersecurity strategies for supply chains. Cyberattacks have been increasing, and supply chains have taken a hit. In 2022, the United States witnessed a surge in supply chain cyberattacks, which affected 1,743 entities—the highest reported figure since 2017.

The cybersecurity industry has a major people problem: it doesn’t have enough of them. The global shortage of more than 4 million cybersecurity workers isn’t a new phenomenon, but as digital and cloud initiatives accelerate, the effects are even more profound. This is especially true in the identity security domain.

The cyber security landscape presents new challenges and threats, with the projected number of global IoT-connected devices expected to exceed 75 billion by 2025. By the end of next year, cyber-attacks are expected to cost the global economy over $10.5 trillion, highlighting the urgent need for security operations advancements. This blog will explore 13 cybersecurity trends in the evolving cybersecurity landscape for the new year.

In the ever-evolving cybersecurity landscape, 2023 witnessed a dramatic surge in the sophistication of cyber threats and malware. AT&T Cybersecurity Alien Labs reviewed the big events of 2023 and how malware morphed this year to try new ways to breach and wreak havoc. This year's events kept cybersecurity experts on their toes, from expanding malware variants to introducing new threat actors and attack techniques.

Nightfall is starting off the new year strong with several exciting updates, including a smoother Google Drive remediation workflow, an automatic annotations feature, and all-new policy pages for Atlassian and Google Drive. Read on to learn more about what we’ve been up to this month.

In this episode of Trust Issues, CyberArk’s resident Technical Evangelist, White Hat Hacker and Transhuman Len Noe joins host David Puner for a discussion about the emerging threat of AI kiddies, a term that describes novice attackers using large language models (LLMs) and chatbots to launch cyberattacks without any coding skills.

On December 26, 2023, the Office of Information and Regulatory Affairs (OIRA) released the 234-page Cybersecurity Maturity Model Certification (CMMC) proposed rule. This kicked off a 60-day public request for comments. The final rule is expected to be released in early March 2024, and some industry experts expect it to go into effect as late as Q1 of 2025.. This kicked off a 60-day public request for comments.

Cybersecurity's overarching purpose is to better protect an organization against cyber events. However, especially in the corporate setting, it's not enough for chief information security officers (CISOs) to say they've implemented a patch or a firewall and, therefore, their systems are "more" secure. Not only is the result’s description vague, but it also offers very little insight into its ROI. ‍

Public cloud infrastructure is, by now, the default approach to both spinning up a new venture from scratch and rapidly scaling your business. From a security perspective, this is a brand new (well, by now more than a decade old) attack surface. “Attack surface” is a commonly used term that denotes the aggregate of your exploitable IT estate, or all of the different pathways a hacker might be able to use to gain access to your systems, steal your data, or otherwise harm your business.