Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The latest cyber claims report from Coalition, a digital risk insurance provider, finds a 12% increase in cyber insurance claims in the first half of 2023 over the second half of 2022, due to surging attack frequency and severity. No industry or company size is immune as the increase was seen across all organizations, however companies with $100 million in revenue saw the largest increase in number of claims (+20%), as well as staggering losses resulting from attacks (+72%).

In this era shaped by digital innovation, the concept of Secure by Design is a critical safeguard against cyber threats. Read on to delve into the essence of Secure by Design and its profound relevance in today's technology landscape. As cyberattacks grow more sophisticated, comprehending the proactive principles behind secure design is paramount to ensuring a resilient and protected digital future.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Back again in the news but with a different twist….

The threat landscape today is complex and constantly changing. Organizations require robust cybersecurity solutions to protect their networks and systems. SIEM and SOAR are two technologies that are pivotal in strengthening security operations. In this article, I’ll look at both technologies, SIEM and SOAR, to help you understand the importance of strengthening your organization’s SecOps.

Businesses can now automate threat detection for 1Password and their broader work environment with Obsidian Security, a security platform for software as a service (SaaS) tools.

Cybersecurity is all about staying one step ahead of potential threats. With 1802 data compromises impacting over 422 million individuals in the United States in 2022, threat intelligence feeds are a key aspect of cybersecurity today. These data streams offer real-time insights into possible security risks, allowing organizations to react quickly and precisely against cyber threats. However, leveraging threat intelligence feeds can be complicated.

Gateway to Sensitive Information Email serves as a gateway to a treasure trove of sensitive information. It is where individuals and organizations share confidential documents, financial data, personal details, and much more. In the wrong hands, this information can be exploited for financial gain, identity theft, or even corporate espionage. Protecting this valuable data is paramount, and email is the first line of defense. Pervasive Attack Vector.

This month, Apple Security Engineering and Architecture (SEA) and The Citizen Lab at The University of Toronto's Munk School opened a pair of Critical vulnerabilities relating to maliciously formed WebP images which could be used to exploit the Chrome browser, as well as the webmproject/libwebp library from Google. As of Sep 27th, 2023, the CVEs known to track this libwebp vulnerability actively include.

With the advent of the Digital Personal Data Protection Act (DPDP Act) in 2023, India has taken a significant step towards safeguarding the rights of individuals, termed as ‘Data Principals’, over their personal data. This blog post aims to shed light on the rights and protections offered to Data Principals under the DPDP Act, a landmark legislation that is reshaping the landscape of data privacy in India.

Businesses with Indian customers or those accessible to Indian citizens, take note! The Digital Personal Data Protection Act (DPDP) has been passed in India. This new law, approved by the president on August 11, 2023, dictates how organizations handle personal data. The DPDP Act is not yet enforceable as the Data Protection Board of India is still being established.