Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Depending on what the world’s threat actors are up to and whether their activity is detected, CISA may issue a cybersecurity advisory (CSA) every few days or have nothing for a month. It’s hard to predict, and you never know what’s coming your way. One thing is certain: If you managed cybersecurity for a critical infrastructure entity and this #StopRansomware: BianLian Ransomware Group CSA landed in your inbox, you would probably want to take swift action.

Phishing attacks are a major cyber threat that continue to evolve and become more sophisticated, causing billions of dollars in losses each year according to the recent Internet Crime Report. However, traditional offline or inline phishing detection engines are limited in how they can detect evasive phishing pages. Due to the performance requirements of inline solutions, they can only target specific campaigns and, at best, act as a basic static analyzer.

Over twenty years ago, a series of corporate financial scandals set off a chain reaction, culminating in criminal convictions and new legislation. After uncovering accounting fraud across public companies like Enron, WorldCom, and Tyco, the US Congress enacted the Sarbanes-Oxley Act of 2002 (SOX).

Personally Identifiable Information (PII) is any data that can identify a specific individual. Data like your Social Security number allows you to open credit cards, get a loan and more. It’s also data that is vital to keep secure in order to protect your identity and assets. Read on to learn more about what types of information qualify as personally identifiable information and how to protect it from cybercriminals.

archTIS is pleased to announce we have partnered with Janusnet, a global leader in data classification, to offer robust classification and dynamic data protection for joint Defence and industry customers looking to implement data-centric zero trust security to protect sensitive information.

In the cloud native world, open source solutions are popular and widely used. Velero, an open source software, is quickly becoming a standard for Kubernetes backup and has been pulled over 100M times from Docker Hub! It is the most popular choice amongst Kubernetes community for backup and recovery. In a recent episode of TFiR, Swapnil Bhartiya sits down with Sathya Sankaran, Chief Operating Officer at CloudCasa by Catalogic, to talk about the power and potential of open source ecosystem.

At Mend.io, we’re always looking for ways to help organizations understand their application security risk. This week, we’re proud to announce a new initiative designed to make it easier than ever for organizations to visualize and remediate their biggest sources of risk: the Mend.io AppSec Risk Assessment Program.

The cause of most data breaches can be mapped to limited attack surface visibility. Inverting this statement reveals a tactic for reducing your data breach risks - increase attack surface visibility. Cyber Threat Exposure Management presents an advanced security risk management approach by prioritizing attack surface visibility. To learn how to adopt a CTEM mindset and reduce your data breach risks, read on.

So, now what? On the other side of this considerable investment of time and money, it helps to have a structured, checklist-style post guiding you through the post-SOC 2 audit process. This article addresses all of the due diligence requirements after receiving a SOC 2 audit, and clarifies some of the common misunderstandings cybersecurity teams have when it comes to SOC 2 reports.

Vertical risk management and complete identity governance can only be achieved through the integration of critical platforms with other systems and applications in use and by either integrating existing point solutions or reducing their number altogether. Integration of an identity platform with SAP is one of those major challenges for many organizations today.