Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Verizon 2024 Data Breach Investigations Report noted a 180% increase in exploited vulnerabilities over the previous year’s figures. The importance of keeping an up-to-date vulnerability management policy for remediating and controlling security vulnerabilities cannot be understated.

This is why email compliance and archiving solutions are pivotal for shielding your electronic correspondence and ensuring it’s safely stored, retrievable, and compliant with industry regulations. The adoption of such solutions is indispensable for both private and public companies that generate large data volumes, which require extensive storage and reliable backup options for the reasons we’ll explain below.

As a CIO, I often wish for a world where the threat landscape is less expansive and complicated than it is today. Unfortunately, the reality is quite different. This month, I find myself particularly focused on the idea that our digital business would come to a grinding halt without the technology ecosystem that supports it. However, this very ecosystem also presents significant risks.

Security budgets naturally compete with other priorities for funding, and finance departments traditionally prioritize immediate financial gains over long-term investments. Cybersecurity, with its focus on prevention, is often seen as an element that’s ‘nice to have’ rather than a necessity. Especially when compared to tangible projects with quicker returns, cybersecurity initiatives can be left chronically underfunded. Where do we spend? And where are the attacks coming from?

Cybercriminals never sleep, and their aim keeps getting better. According to new research from Abnormal Security, phishing attacks targeting organizations in Europe shot up by a staggering 112.4% between April 2023 and April 2024. Meanwhile, US organizations weren't spared either, with phishing attempts increasing by 91.5% over the same period. Phishing may be an old-school social engineering tactic, but it's no joke.

I am excited to see Apple’s recent expansion of identity support in Apple Business Manager, their device and app lifecycle management tool for the enterprise. Simply put, it enables wider adoption of Managed Apple IDs by allowing organizations to use corporate email addresses as corporate Apple IDs, and integrate with a broader range of identity providers (IdPs) beyond Google Workspace and Microsoft Entra ID.

When building an application that requires user authentication, implementing a secure login flow is critical. In this article, we'll walk through how we created a robust OAuth login flow for ggshield, our Python-based command line tool, to streamline the onboarding process for our users.