Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cybersecurity isn’t easy in any industry, but it is perhaps most challenging for the banking, financial services, and insurance (BFSI) sector. Financial institutions are highly digitized and have large, complex IT infrastructures with many environments and assets to protect. At the same time, these enterprises are highly targeted by threat actors, leading to a constant barrage of attacks to detect and disrupt.

If you were to poll the folks in a typical office about which aspect of the infamous CIA Triad was most important to them, you would likely get different answers from different people. While confidentiality, integrity, and availability are all important and serve to function together, for the sake of fun, what if you had to choose one factor as the most critical?

The 18th International Conference on Cyber Warfare and Security gave researchers, policymakers, and security professionals a chance to share findings and ideas. Read the highlights.

Mass layoffs. Budget cuts. Funding shortages. Fears of recession. Headlines paint a bleak picture for organizations in 2023. To prepare for the turbulent year ahead, companies are scaling back their spending in droves. Yet, amid ruthless cost-cutting, many organizations are still prioritizing their investments in bulking up cybersecurity defenses. The question is, what are they spending these budgets on?

Vulnerabilities are only one part of the cloud security story. Misconfigurations are still the biggest player in security incidents and, therefore, should be one of the greatest causes for concern in organizations.

Another day, another cyber espionage campaign exploiting two legitimate and well-known cloud services to deliver the malicious payload. Once again, this campaign was unearthed by researchers at Sentinel One, and it is aimed to distribute the Remcos Remote Access Tool (yet another example of a remote control tool used for malicious purposes) through the DBatLoader to target predominantly organizations in Eastern Europe.

According to recent research, 68% of computer applications use open-source software libraries without the knowledge of the company. Another study by Argon Security shows that the supply chain attacks have grown up to 300% in 2021 compared to 2020.

Innovation and regulation are two important factors that have a significant impact on the growth of any industry, including information security. The question of whether regulation inhibits or inspires innovation is a contentious one, and there are compelling arguments on both sides.

The idea that digital resilience — the ability to prevent, detect, respond to and recover from disruptive events — is critical to digital business would surprise no one. As the Splunk report Digital Resilience Pays Off illustrates, organizations that are farther along on their digital resilience journey enjoy $48 million lower annual downtime costs and 2 times higher digital-transformation project success rate than their less digitally resilient peers.

Imagine doing business in a bubble. You are an international company only allowed to make decisions using data collected within your country and by your business unit (BU). You also cannot share data with subsidiaries or third parties. It would be challenging to conduct day-to-day business, let alone innovate and grow. Fortunately, this isn’t the state of business today. Organizations transfer trillions of data points across borders daily.