Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Where do vulnerabilities fit with respect to security standards and guidelines? Was it a coverage issue or an interpretation and implementation issue? Where does a product, environment, organization, or business vertical fail the most in terms of standards requirements? These questions are usually left unanswered because of the gap between standards or regulations on the one hand, and requirements interpretation and implementation, on the other.

When it comes to securing your enterprise and keeping it safe, your success depends on effective communication. How can you explain cyber risks to the board in a way that's easy to understand, yet still packs a punch? Cyber Risk Quantification (CRQ) is a methodological approach that allows security teams to measure and quantify cyber risks in financial terms.

The role humans play in cybersecurity generally focuses on how people can be the weakest link in an organization’s defense structure. However, when it comes to securing the healthcare industry, people are still paramount, but for quite different reasons.

All segments of the cloud market are predicted to see growth in 2023, according to research by Gartner. In an April Press Release, the firm forecasts that global spending on public cloud services will exceed 21% this year, totaling $597.3 billion overall in 2023. This is up over $100 billion from last year’s (mere) $491 billion.

The cybersecurity landscape has become more complex for many reasons. For one, it is the constantly changing risk environment where businesses are compelled to confront evolving threats and actors that leverage emerging technologies and advanced tactics. Cybersecurity has become a top priority for boards since they realize that being cyber resilient is a strategic choice and a competitive advantage.

Data breach attacks are serious problems for companies, organizations and institutions all over the world. For example, in the US one data breach costs on average 9.4 Million USD, which is the highest worldwide. To handle—or ideally, prevent—these attacks, we need to understand first the “why” and “how” of an attack. With this objective in mind, Bitsight analyzed more than 17,000 data breach events from the last seven years affecting 23 sectors in the US.

A record 2,322 scams in Japan to steal internet banking IDs and passwords have resulted in unauthorized money transfers totaling a record of around 3 billion yen ($21 million) in the first half of this year, a report by the National Police Agency showed Tuesday. The number of cases mainly involving phishing this year has already surpassed the annual total of any previous year, with the financial loss approaching the record high of 3.07 billion yen set in 2015, according to the agency.

Scammers are taking advantage of Twitter’s rebranding to “X,” according to Stephanie Adlam at Gridinsoft. A phishing campaign is targeting Twitter Blue users by telling them they need to transfer their subscription to X.

As the retirement countdown for the current version of PCI is now less than six months, a new standard for password length, complexity, and change frequency may create some risk. Valid credentials have become a very hot item, as threat actors realize the low risk and high value of simply becoming an Initial Access Broker (rather than performing an entire cyber attack themselves).