Security researchers have warned that a new ransomware group has taken an unusual twist on the traditional method of extorting money from its corporate victims.

The Sarbanes-Oxley Act (SOX), enacted by the United States Congress in 2002, is a landmark piece of legislation that aims to improve transparency, accountability, and integrity in financial reporting and corporate governance. The act was a response to high-profile corporate scandals, such as those involving Enron, WorldCom, and Tyco International, which shook investor confidence and underscored the need for regulatory reforms to prevent corporate fraud and protect investor interests.

In Part 1, the existing global regulations around IoT were introduced. In this part, the challenge of complying with these rules is examined.

Contrary to what one might expect, creating a File Integrity Monitoring (FIM) system is pretty easy. Practically anyone with a modicum of Python, Perl, or development skills can write an app or script to gather a file's checksum, compare it to a list or baseline, and tell you whether or not said file has changed. But creating a good FIM solution is hard. Many inadequate checkbox File Integrity Monitoring solutions are on the market because while detecting change is easy, reconciling it is not.

Cybersecurity frameworks are blueprints for security programs. Typically developed by governmental organizations, industry groups, or international bodies, they take the guesswork out of developing defense strategies, providing organizations with standards, guidelines, and best practices to help them manage and reduce their cybersecurity risks.

Containerization has revolutionized application development, deployment, and management – and for good reason. The ability to automatically wrap an application and its dependencies into a single, easily deployable package helps developers focus on what they do best: writing code.

There's some possibly good news on the ransomware front. Companies are becoming more resilient to attacks, and the ransom payments extorted from businesses by hackers are on a downward trend. That's one of the findings of insurance broker Marsh, which conducted an analysis of the more than 1800 cyber claims it received during 2023 from its clients in the United States and Canada. According to Marsh, ransomware attacks were linked to less than 20% of all claims made to the firm during the last year.

As the 2024 Olympic Games in Paris approach, organizers are intensifying cybersecurity measures in response to warnings from experts and law enforcement agencies about a likely surge in cyberattacks. The Games, set to start on 26 July this year, are projected to sell over 13 million tickets and attract more than 15 million visitors to Paris, generating around 11 billion euros in economic activity.

As we pass the halfway mark of 2024, data breaches remain on the rise. Cybercriminals are finding more and more inventive ways to infiltrate organizations, exploiting vulnerabilities in networks, software, and human behavior. From phishing schemes and ransomware attacks to insider threats and supply chain compromises, the threat of cyber attacks continues. This is bad news, especially for certain industries. The consequences of these breaches extend far beyond financial losses.

Zero Trust maturity might be one of the least understood security buzzwords of our era. The term “Zero Trust” was originally coined over a decade ago and described the principle of not assigning digital trust to any entity, ever, for free. It represented a fundamental paradigm shift from the trust-happy early internet days to the threat-filled cyber landscape we now know. Since then, companies have been striving to make all their systems Zero-Trust mature. As right they should.