Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

For as long as businesses have used computers, cybersecurity has been crucial. Now, as modern business and data are becoming inseparable, it’s an absolute necessity. As companies start to recover from 2020 losses, they should consider investing in security updates. Cybercrime reached new heights in the past year, with internet crime reports rising 69.4% and costing more than $4.2 billion. Now that more companies are embracing digital services after the pandemic, this trend will likely continue.

With the need to produce innovative software faster than ever, and cyberattacks not slowing down, it’s no surprise that, for projects large and small, ensuring the security of your code at every step is key. But if software engineers want to meet these everyday demands with success, it’s important to understand how different security scanning types fit in throughout the development process, and how the needs of your team might impact scans.

The past year has challenged us in unimaginable ways. We kept our distance for the greater good, while companies faced the daunting task of transforming their workforce from in-person to remote — practically overnight. This presented a unique challenge for cybersecurity teams. How would they ensure employees retained access to critical data in a secure way? Working in the cloud has made remote work easier for many organizations, but has also presented new risks.

Kroll, Red Canary and VMware conducted a survey of over 400 information security and 100 legal and compliance leaders from companies with over $500M in annual revenue to capture the current state of incident response from a technical and legal perspective. Our goal was to highlight trends, identify common challenges and understand how organizations are maturing their preparedness, detection and response programs.

In December 2020, the world discovered that the SolarWinds’ Orion Platform had been compromised by cybercriminals, potentially affecting thousands of businesses the world over. Security groups such as the National Cyber Security Centre (NCSC) provided advice and guidance to security teams and IT companies on what actions they should take to minimize the impact on them and their customers.

Many frameworks, standards, and regulations require organizations to have an IT Asset Management program in place. However, the understanding of what separates a mature Information System Inventory (ISI) from an IT Asset Inventory and the benefits realized from an ISI are generally less well understood. Naturally this may lead to a higher likelihood of deprioritizing an ISI in favor of what are viewed as more pressing security needs. Figure 1.

In a nutshell, a data subject access request – or DSAR for short – is when someone asks a organisation for a copy of all personal data they hold about them, and then that organisation provides it in a clear and structured way. In addition to the data itself, DSARs allow a data subject (like you or me) to find out things like what the organisation is doing with the data, who they’re sharing it with, how long its held on to for, where they got it from, and so on.

Adaptation of large-scale web applications at a wider level in several multi-faced industry verticals like healthcare, banking, intelligence services and others has exposed them to massive data breaches. Despite increasing awareness about security, complex threat vectors continue to put organizations across the globe under attack.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. I admit this is frivolous, and low risk, but come on…. The increasing completely pointless devices out there that insist on Internet connection when you are highly unlikely going to be out of sight of said device is bonkers… No…

The rising trend in data breaches continues to angle upwards, and as a result, there has never been a more precarious time in history to launch and maintain a successful business. To prevent the repetition of mistakes that result in data theft, we’ve compiled a list of the 56 biggest data breaches in history, including recent data breaches in 2021. Click on the table of contents dropdown above for a list of all the companies in this post.