Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

With a growing number of organizations offering a remote or hybrid working option, many people are taking their workspaces home. Your team needs to know password hygiene best practices to ensure their home work environment is secure and protected. Sloppy employees who are not knowledgeable about password hygiene can pose a risk to themselves and their company. In fact, 82% of breaches involved a human element, according to Verizon’s 2022 DBIR.

Poor password practices are one of the biggest threats to enterprise cybersecurity. Stolen or compromised passwords cause over 80% of successful data breaches. When employees use weak passwords, reuse passwords across accounts, or store their passwords insecurely (sticky notes, spreadsheets, etc.), they put their employers at risk. Organizations often leverage enterprise password managers to alleviate poor employee password practices.

In some circles, October may be best known for hosting Halloween, but at Trustwave we know it as Cybersecurity Awareness Month. The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the National Cybersecurity Alliance (NCSA), today kicked off the 19th annual Cybersecurity Awareness Month.

This blog examines some interesting aspects of the recent reforms to Australia's Security of Critical Infrastructure Act - specifically related to the new risk management obligations that have been introduced. We'll unpack some of the ambiguities that exist and remain to be clarified in this specific area of the reforms.

Chief Information Security Officers know all about the “Sea of troubles,” and they experience “slings and arrows” daily. In mid-September, we saw a breach of Uber that threatened to undo the company’s security program - for exposing a fairly easy path to super admin privileges across most (if not all) of its infrastructure and security tools like GSuite, AWS, and HackerOne private vulnerability reports. The stakes are high.

Artificial Intelligence’s ability to augment and support progress and development over the past few decades is inarguable. However, when does it become damaging, contradictory even? In our latest Beyond Data podcast AI’s Climate Jekyll & Hyde – friend and foe, Tessa Jones (our VP of Data Science, Research & Development) and Sophie Chase-Borthwick (our Data Ethics & Governance Lead) discuss exactly this with Joe Baguley, Vice President and Chief Technology Officer, EMEA, VMware.

As a CIO in charge of your organization's security, you're responsible for ensuring the security of your company's data. But with so many cybersecurity threats out there, it can be difficult to know where to start. Should you focus on conducting a vulnerability assessment? Or is a risk assessment more important? In this article, we will discuss vulnerability vs risk, cyber threats, and protecting sensitive data.

The number of secrets exposed in public repositories is staggering. With reports in 2021 reaching up to 6 million secrets detected, an increase of 50% from 2020. Secret sprawl is part of every organization, but it is a plague on the open-source world of software development. Even if your organization has a top-notch security-aware culture, human error will inevitably cause secrets to leak and data to be lost or compromised.

With Teleport, Gluu can provide its clients with near-instantaneous access to its open-source software, allowing them to get up and running in minutes. This is a huge benefit for organizations who need to quickly provision their tools in order to start using them. In the past, Gluu has documented many ways that it uses Teleport to provide Gluu clients a gateway for their tools.