Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cyberattacks are on the rise around the globe. Recent data suggest that there are 2,200 cyberattacks every day and that the average cost of a data breach is $9.44 million. Of those cyberattacks, 92% are delivered via email in the form of malware and phishing. In 2022 alone, businesses reported 255 million phishing attacks with an average cost of $4.91 million.

The threat intelligence data that Forescout Research – Vedere Labs curates comes from the millions of connected devices that we monitor, attacks we observe and dissect in our sandboxes, data relating to attacks that is traded on the Darknet, and from our Adversary Engagement Environment. We see a lot of data. One thing no cybersecurity researcher wants to see, however, is an attack on their own organization.

While regulations like Cybersecurity Maturity Model Certification (CMMC) 2.0 have expanded in size and scope in the past several years, my experience with CMMC actually dates back to early 2017. At the time, I was working with a client who was a contractor for the U.S. Department of Defense. They were looking to jump into the deep end and start implementing the NIST Cybersecurity Framework, which CMMC is based upon.

On 2023-10-04 at 13:00 UTC, Atlassian released details of the zero-day vulnerability described as “Privilege Escalation Vulnerability in Confluence Data Center and Server” (CVE-2023-22515), a zero-day vulnerability impacting Confluence Server and Data Center products. Cloudflare was warned about the vulnerability before the advisory was published and worked with Atlassian to proactively apply protective WAF rules for all customers.

Cyber insurance is emerging as an add-on that provides another layer of protection to cybersecurity procedures. As demand for coverage increases, it is rapidly becoming one of the main concerns of MSPs and IT executives from businesses of all types.

While always a part of business, compliance demands have skyrocketed as the digital world gives us so many more ways to go awry. We all remember the Enron scandal that precipitated the Sarbanes-Oxley Act (SOX). Now, SOX compliance means being above board on a number of cybersecurity requirements as well. Fortra's Tripwire recently released a new guide: How Managed Services Can Help with Cybersecurity Compliance.

Cyber Security Awareness Month kicked off its nineteenth anniversary this year. One would hope that after nearly two decades, this would be a time to celebrate, however, the outlook is not as bright as one would expect. There are so many aspects of cybersecurity that have been promoted to make the world a safer place, but one that stands out as the largest failure seems to be the use of password managers.

Dive into our Texas Cyber Summit 2023 recap. Discover how AI is impacting cybersecurity, learn about Zero Trust strategies, ransomware dos and don'ts, and more.

To operate legally and ethically, every company, no matter the size or type of organization, must be aware of the laws, regulations, and industry standards that govern them. Though many businesses may view regulatory compliance as a burden, it does not have to be this way. The benefits of following these rules greatly outweigh the consequences. Organizations can ensure the safety and well-being of their employees, customers, and the general public by following these regulations.