Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Digital Risk Protection (DRP) helps organizations identify, monitor, and protect against threats across their digital footprint. The goal is to catch risks on the open, deep, and dark web before they can be exploited, by aggregating threat intelligence from diverse external sources (social media, underground forums, code repositories, and paste sites). Organizations scan continuously for exposed credentials, brand impersonations, data leaks, and emerging malware campaigns.

In this week’s episode of The Future of Security Operations podcast, I'm joined by Travis Howerton, Co-founder and CEO of RegScale. Travis began his security career with roles at government and regulated organizations, including the National Nuclear Security Administration and Oak Ridge National Laboratory, before being inspired by inefficiencies in compliance processes to co-found RegScale.

For all the advancements in vulnerability remediation, one of the most fundamental challenges remains unsolved: knowing what to fix first. And according to the 2025 Remediation Operations Report, it’s still not where it needs to be. In fact, difficulty prioritizing vulnerabilities ranks as the third biggest challenge security teams face when managing vulnerabilities. That’s not just an operational inconvenience, it’s a signal that something core to the remediation process is broken.

Recent research by Comparitech reveals the shocking truth about ransomware attacks on government entities; they have a longer impact than anyone thought. Tracking over 1100 government-targeted ransomware attacks over a period of six years, researchers discovered that each day of downtime cost entities nearly $83,600, and that in each attack the downtime lasted for an average of 27.8 days.

The proliferation of Internet of Things (IoT) devices - more specifically, security cameras - has forced organizations to rethink how they protect their physical hardware. Security cameras represent some of the most common IoT devices installed in business and commercial environments. Recent estimates suggest the smart camera market is expected to grow at an astronomical rate, reaching a potential valuation of $12.71 billion by 2030, growing at a Compound Annual Growth Rate of 10%.

CVE-2025-27007 is a critical unauthenticated privilege escalation vulnerability affecting the OttoKit WordPress plugin (formerly SureTriggers), which is used by over 100,000 websites for workflow automation and third-party integration. The vulnerability exists in the plugin’s create_wp_connection() function, which fails to properly verify user authentication when application passwords are not configured.

When I speak to enterprise CISOs and GRC leaders, they often talk to me about 2 problems: Today we unlocked a huge milestone for TrustCloud that will help us scale operations to solve these 2 problems for enterprise CISOs and GRC leaders. We’ve raised $15M in strategic funding led by ServiceNow Ventures, with participation from Cisco Investments, Presidio Ventures, OpenView Venture Partners, Tola Capital, and other existing investors. (Read official press release)