Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Network and Information Systems Directive 2022 (NIS2) was designed to strengthen the cybersecurity resilience of critical infrastructure across the European Union. However, while member states were required to transpose NIS2 into national law by October of 2024, many fell short of this deadline. As a result, on November 28, 2024, the European Commission launched infringement procedures against 23 member states for failing to meet their obligations.

As of January 17, 2025, the Digital Operational Resilience Act (DORA) came into force across all European Union member states, with the crucial aim of strengthening the IT security of financial entities such as banks, insurance companies and investment firms. To do this, the regulation looks to standardize how financial entities report cybersecurity incidents, test their operational resilience, and manage third-party risk.

99% of phishing emails that reached inboxes last year did not contain malware, according to a new report from Fortra. Attackers were much more successful using malicious links or purely response-based social engineering. Fortra explains, “Anti-malware scanning, sandboxing, and other pre-delivery security processes are increasingly common and make it more difficult for emails containing malware payloads to reach user inboxes.

Organizations have long focused on securing human users – employees, partners and customers. But what about the identities that aren’t tied to a person? Non-human identities (NHIs), including service accounts, bots, APIs, machine identities and more, now outnumber human identities 20:1 in most organizations! Yet, they often lack proper oversight, making them a growing security risk.

Managing and securing the software supply chain is crucial for trusted releases, but as any tech organization knows, it also presents significant challenges. With over 15 years of experience and a dedicated security research team, we at JFrog understand these threats. In a rapidly evolving post-AI world, DevSecOps teams are struggling to keep pace with changes.

In today’s digital economy, businesses that handle credit card transactions must prioritize security to protect customer data and maintain trust. Cyber threats that target payment information continue to evolve, making it essential for organizations to implement strong security controls. The Payment Card Industry Data Security Standard (PCI DSS) was created to establish a set of best practices for securing cardholder data.

Over the past few years, many countries have made considerable efforts to bolster cybersecurity preparedness. These efforts are understandable when put into a geopolitical context: global relationships in the past five years have been among the most tumultuous in decades, cybersecurity threats are more sophisticated than ever, and the world is increasingly reliant on digital technologies.

When relocating office locations domestically or internationally, organizations must ensure the safe passage and management of more than just their physical assets and hardware. The complex cybersecurity obstacles before, during, and after an operational overhaul can outnumber the physical difficulties of getting operations moving.

Arctic Wolf is an AI-powered security operations provider, which gives our organization advanced insights into the emerging threats inherent in being an early adopter of the more recent techniques. However, Arctic Wolf is not the only one turning to AI. A third of technology leaders reported that AI was already fully integrated into their products and services. This statistic will grow as major tech companies like Microsoft and Google invest billions of dollars into AI infrastructure..