Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

How CyberArk Scaled SaaS Transformation: Insights from SVP Corporate Finance Nili Serr-Reuven

Discover how CyberArk's transformation into a SaaS company reshaped its business and finance operations. SVP Nili Serr-Reuven shares insights on scaling a SaaS delivery model, the critical role of finance in transformation, and lessons learned along the way. Tune in for expert advice on driving growth and innovation in the SaaS space.

Privacy Engineering is Dead

In an era where data breaches, privacy violations, and regulatory fines dominate headlines, the need for robust privacy engineering has never been more critical. Yet, despite its growing prominence, privacy engineering is failing to meet the demands of businesses and consumers alike. To understand why, let’s explore what privacy engineering is, the challenges it faces, why its current state is insufficient, and the transformative shift needed to make it truly effective.

What is DSPT Compliance: From Toolkit to Audit (2024)

The Data Security and Protection Toolkit (DSPT), an online tool, is undergoing significant changes. From September 2024, the DSPT will now align with the National Cyber Security Centre’s Cyber Assessment Framework (CAF) to enhance cybersecurity measures across the NHS. This shift will impact many NHS organisations and require adjustments to their data security and protection toolkit strategies.

Securing Microsoft 365: Avoiding Multi-factor Authentication Bypass Vulnerabilities

Microsoft 365 is the standard in modern enterprise environments, offering a robust suite of productivity and collaboration tools. With millions of users accessing sensitive data from various devices and locations, security vulnerabilities can arise, making it highly attractive for cybercriminals seeking to exploit and steal valuable data.

Fraud Awareness Week

The Association of Certified Fraud Examiners (ACFE) recently released a report Occupational Fraud 2024: A Report to the Nations, where they estimated that most organizations lose about 5% of their revenue each year due to fraud. We have joined in our support of International Fraud Awareness Week and applaud the ACFE and their efforts to help raise awareness and reduce fraud that hurts all of us, whether we work for these organizations or are consumers of the goods and services they provide.

Cloud Migration Strategies Your Business Needs to Know

Cloud technology is rapidly becoming necessary for everyone to secure data online. Still, it has never been more important for businesses to evolve to the shifting digital landscape and migrate their data to the cloud. The public cloud computing market is estimated to be $675 billion this year, and it includes services related to business processes, platforms, infrastructure, and software.

750,000 Patients' Medical Records Exposed After Data Breach at French Hospital

When we think about our data being leaked onto the internet, we often picture it as our financial records, our passwords, our names and addresses... what is less often considered is the exposure of our private medical information. A French hospital has found itself in the unenviable position of learning that hackers have gained access to the medical records of over 750,000 patients following a cyber attack.

The Role of Security Configuration Management in Achieving Zero Trust Security Architectures

Zero Trust is a network security model that dictates that no one or no system should be trusted by default and that every attempt to access a network or application is a threat. For those who are naturally trusting of others, this concept is difficult to accept. However, distrusting every entity on a network until it has been verified is imperative today.

Role of Threat Intelligence: Cracking Threat Hunting and IR with XDR - Part 2

The first segment of this series highlighted anomaly detection and behavioral analytics for an early warning system regarding suspicious activities. But it is very important for mature adversaries for security teams to have tools in an arsenal to maintain the front-foot position.

The Lazarus Group: Unveiling the Motivation and Recent Activity of a Notorious APT Threat Actor

Advanced Persistent Threat (APT) actors have become a significant concern for organizations worldwide, as they pose a substantial threat to sensitive information and critical infrastructure. One such APT actor is the Lazarus Group, also known as Hidden Cobra, which has been active since at least 2009. In this blog, we will delve into the motivation and recent activity of the Lazarus Group, highlighting their tactics, techniques, and procedures (TTPs) and the MITRE ATT&CK techniques they employ.