Following the outbreak of COVID-19, organizations around the world have rapidly adopted remote work policies, making email communication more important than ever for disparate teams to collaborate. This has made it convenient for threat actors to launch email-based cyberattacks. The FBI has issued a public service announcement in which it revealed that it is anticipating business email compromise (BEC) attacks related to the COVID-19 crisis to increase. Hence, it's imperative for businesses to strengthen email security to mitigate email-borne threats.

A functional insider threat program is a core part of any modern cybersecurity strategy. Having controls in place to prevent, detect, and remediate insider attacks and inadvertent data leaks is a necessity for any organization that strives to protect its sensitive data. A functional insider threat program is required by lots of regulations worldwide. For example, NISPOM Change 2 makes it obligatory for any subcontractor working with the US Department of Defense to implement an insider threat program. However, designing an insider threat program that is both effective and efficient can be hard.

User behavior monitoring is a new approach to insider threat prevention and detection. A lot of companies include a user and entity behavior analytics (UEBA) solution in their insider threat program. Implementing such a program is obligatory to comply with a lot of industry standards (e.g. NIST, HIPAA, PCI DSS, etc.). However, each company is free to use any insider threat prevention tool that meets their needs.

A system administrator is essential for almost any organization. Whether they're an in-house employee or a subcontractor, a system administrator plays a huge role in keeping your business operating continuously and smoothly and keeping it compliant with enterprise data protection requirements. System administrators have full control over the ins and outs of your database and, in many cases, over its underlying physical infrastructure. That's why you need to pay close attention to an admin's actions in order to protect a database. In this article, we discuss best practices and tools to do that.

In a world where time is money, companies are required to churn out software quickly or get left in the dust. To stay ahead of the market, developers are turning towards open source code, which - when secure - can be a valuable asset towards their efforts

Developers want to create secure code, but lack training, so they must rely on AppSec experts to create secure applications. But the severe cybersecurity talent shortage leads to: As a result, developers are often conducting their own security research, which takes substantial time, increasing software delays and costs. With Veracode, you enable developers to write secure code and decrease flaws, so you can make your developers security self-sufficient.

We surveyed over 650 developers, and collected data from the NVD, security advisories, peer-reviewed vulnerability databases, issue trackers and more, to gather the latest industry insights in open source vulnerability management.

It's hard to imagine an organization today that does not rely on file servers, SharePoint or Office 365 for storing data, including valuable and sensitive information such as intellectual property and personal data. This makes these systems particularly attractive targets for all sort of attackers, from external hackers to disgruntled employees. To protect data from both external and internal threats, businesses must regularly conduct thorough data security assessments as part of their broader cyber security assessments.