Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Insurance companies, like other financial institutions, face a range of unique cybersecurity challenges and considerations. Responsible for safeguarding treasure troves of sensitive data, the industry has long been a prime target for cybercrime — a trend that has endured even as today’s IT landscape, and the threats against it, continue to evolve.

When it comes to conducting vendor security reviews, the two most time-consuming tasks are gathering the relevant information from your vendor and analyzing it thoroughly. Last month, we announced AI-powered security document analysis to drastically simplify the process of extracting insights from SOC 2 reports, DPAs, and other sources that document a vendor’s security posture.

The data about the rise of phishing attacks against businesses in the United Kingdom is in, and it’s bleak: UK phishing reports indicate that 79 percent of organizations in the UK were targeted by phishing attacks in the past year. Meanwhile, phishing is the initial attack vector in 36 percent of all data breaches globally, according to Verizon’s 2023 Data Breach Investigations Report. And 80,000 new phishing sites appear every month, according to Cyberint research.

DCRat, also known as Dark Crystal Rat has been around since 2018. It operates as a modular remote access trojan (RAT) offered as a Malware-as-a-Service (MaaS) and has garnered attention due to its cost-effectiveness and adaptability. The malware is purpose-built to provide threat actors unauthorized access to systems by circumventing security measures.

Protecting sensitive data and maintaining customer trust is paramount, and demonstrating your data security commitment is equally important. One way to achieve this is by obtaining a Cyber Essentials certification. But what are the differences between “cyber essentials vs cyber essentials plus”, and how do they impact your organisation’s cybersecurity strategy?

Organisations must ensure their defences are robust enough to withstand attacks and demonstrate these to their customers, supply chain and staff. This is where Cyber Essentials Plus certification comes in – a government-backed scheme that helps organisations bolster their security posture and protect against common cyber attacks.

A “SQL Benchmark” and a “SQL Server Benchmark” are related concepts, but they are not the same. The difference lies in the specific context and focus of the benchmarking process. SQL benchmarks can help compare the relative performance of different SQL servers or configurations.

On October 20, 2023, Okta Security confirmed malicious activity that exploits stolen credentials, allowing unauthorized access to the company’s support case management system. Several other vendors such as BeyondTrust were also affected by the incident and have since shared their own disclosures. Overall, the incident has ignited substantial concerns over its capacity to trigger a supply chain compromise.

Web applications are one of the most common vector for breaches, accounting for over 40% of breaches according to Verizon's 2022 Data Breach Report. Ensuring that your web applications are sufficiently protected and continue to be monitored once they are in production is vital to the security of your customers and your organization.

Web applications are one of the most common vector for breaches, accounting for over 40% of breaches according to Verizon's 2022 Data Breach Report. Ensuring that your web applications are sufficiently protected and continue to be monitored once they are in production is vital to the security of your customers and your organization.