Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Yesterday the US Securities and Exchange Commission (SEC) voted 3-2 to issue long-awaited regulations that mandate uniform cyber incident disclosures for public companies. The SEC’s rulemaking progress has been lengthy and controversial, and cybersecurity experts and business advocates have been eagerly awaiting the release of the final rules after more than a year of public comment and lobbying from business and cyber experts.

Typosquatting represents a significant threat to cybersecurity. But what exactly is it? How does it work? What threats does it pose to your cybersecurity? How can you prevent these threats and how can you deploy application security against them?

The financial services sector is one of the highest performing in terms of cybersecurity. One factor that contributes to this performance is regulation. Laws such as FFIEC IT, the Gramm-Leach-Bliley Act, NYDFS, GDPR, and SOC2 have placed pressure on financial services companies to build and enforce some of the strongest cyber risk management programs across any industry. You should consider another factor, which is money.

Reducing vulnerabilities in your software means manual and automated secure code reviews. Download our handy cheat sheet to keep your review practice on track.

There is an old saying: “One person’s tool is another person’s weapon.” That is certainly true of Windows PowerShell. Included with every Windows operating system today, this powerful command-line shell and scripting language is used by IT professionals for system administration, remote management, cybersecurity, software development and more.

Dark Web monitoring strategies need to evolve. Gone are the days when the Dark Web was a haven mostly only for people who wanted to post illicit content anonymously. Today, the Dark Web has expanded into a hotbed for threat actors, who use Dark Web forums and apps to distribute malware and sell the fruits of their hacking activities.

Scammers are taking advantage of the popularity of the Barbie movie, according to researchers at McAfee. “In the last 3 weeks, we’ve seen 100 new instances of malware that have Barbie-related filenames,” the researchers write. “Once again, this shows how attackers have latched onto the movie’s hype, hoping the people will click the malicious files because the Barbie name is trending. The types of files varied but included typical types such as.html and.exe.

Large data can offer a massive affordable advantage for companies. Scientists, information analysts, marketing professionals, and advertisers rely upon receiving valuable insights from substantial pools of consumer information. When examined correctly, this information can provide valuable insight for organizations that understand how to use it. The regular procedure of gathering and arranging massive datasets can be taxing, as well as resource-intensive.

Machine learning (ML) is a subset of Artificial Intelligence (AI), which enables machines and software to automatically learn from historical data to generate accurate output without being programmed to do so. Many leading organizations today have incorporated machine learning into their daily processes for business intelligence. But the ability of machine learning can be altered by threat actors to be malicious, causing systems to malfunction, or to execute an attack.

It can feel like so many stars must align to effectively implement and measure security metrics. For example, you need to understand how to adapt frameworks to your company’s specific situation in an industry that’s not too open about its metric strategies. Then, despite talent shortages, you need enough team members with authority and drive to ensure your company prioritizes security, despite the common desire to move forward as fast as possible.