Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

More Than Security Ratings

It might be hard to remember, but around twenty years ago, Amazon was only known for one thing: selling books. But it’s grown up in the last two decades, encompassing multiple business verticals, and selling more than just books (especially convenient when you need garbage bags, a spatula, and holiday decorations all at the same time).

Experts React to SEC's Latest Cyber Disclosure Regulations

In late July, the US Securities and Exchange Commission (SEC) enacted a groundbreaking ruling for the cybersecurity industry. Amid an increasingly risky cyber landscape, the new Ruling S7-09-22 requires all registrants to disclose material cyber incidents within four days of detection and provide a detailed description of their cyber risk and governance management programs.

Decoding the Boardroom

In the high-stakes world of cybersecurity, one of the most daunting challenges faced by CISOs is the task of persuading their organization to invest in security capability. But in an age of worker shortages, cost-cutting measures, and a surge in third-party cyber risk at the enterprise level, CISOs need to get this message across urgently.

Nucleus Product Update 3.9

Welcome to the Nucleus Product Update 3.9. As we approach Thanksgiving, we’d like to start by expressing our appreciation for you and the rest of the Nucleus family. Thank you for being a part of our community and contributing to our collective growth and success. We have so much to be thankful for this year, especially YOU! We hope you have a wonderful holiday celebrating all there is to be grateful for and enjoying a great meal with the people you love most.

Insider Risk Management Fundamentals: 10 Best Security Practices for Implementation

Insider-driven security incidents are increasing in frequency. According to the 2022 Cost of Insider Threats Global Report by the Ponemon Institute, 67% of companies experienced between 21 and 40 incidents in 2022, which is 7% more than in 2020. Insiders with authorized access can fall victim to hackers’ attacks due to negligence or can deliberately compromise and severely damage the organization’s data and systems.

Cybersecurity Readiness (Definition and 4 Evaluation Steps)

Cybersecurity readiness is the ability to identify, prevent, and respond to cyber threats. Yet despite the daily headlines and warnings, organizations struggle to achieve cybersecurity readiness. Just look at the statistics: 78% of senior IT and security leaders lack confidence in their company’s security posture. And, despite increased investments in cybersecurity controls, nearly 80% believe their organization lacks sufficient cybersecurity protections.

Exploring the Monetary Authority of Singapore's TPRM Guidelines

The Monetary Authority of Singapore (MAS) is Singapore's central bank and financial regulatory authority. Along with regulating monetary policies, banking, and currency issuance, MAS sets standards for financial institutions' operational practices. MAS’ third-party risk management guidelines provide structure for financial institutions to ensure resilience against the risks of third-party outsourcing arrangements, including supply chain vulnerabilities and information security.

Top tips: Zero-day vulnerabilities in mobile apps - top 5 risks and mitigation strategies

Top tips is a weekly column where we highlight what’s trending in the tech world and list ways to explore these trends. This week we’re identifying the risks and vulnerabilities associated with mobile apps and discussing strategies to mitigate them. In our digitally connected world, mobile apps have become an integral part of our daily lives. We depend on them for communication, productivity, entertainment, and much more.

The Anatomy of a Breach

SecurityScorecard’s recent report with the Cyentia Institute found that 98% of organizations have a relationship with at least one third party that has experienced a breach within the last two years. This indicates that nearly every organization is at least indirectly exposed to risk through circumstances outside its control. With that in mind, it’s important for organizations to know how breaches can happen, how to detect them, and how they can respond effectively. Let’s explore.

How SBOMs and The Digital Supply Chain Converge

Software development is not slowing down and neither are the demands for new features. In order to keep up with the needs of the market and tight deadlines, software engineers have become adept at leveraging the massive ecosystem of 3rd party libraries available in source code management repositories such as GitHub. After all, why build something yourself and waste precious time when you can use what someone else has already created?