Recently, Atlassian issued a major security notice to all of its users about a critical vulnerability, identified as CVE-2022-26134, in its widely-used Confluence Server solution. The vulnerability would allow an unauthenticated malicious actor to execute arbitrary code on a Confluence Server or Data Center instance that could grant an attacker full command of the vulnerable server.
It’s hard to think about personal digital safety and enterprise cybersecurity without referencing passwords. This is why I’m excited that Lookout has acquired SaferPass, an innovative Password Management company that provides secure online identity solutions for both consumers and businesses of all sizes. With the rise in identity theft and threats that seek to compromise corporate applications and emails, passwords offer a critical line of defense.
With the release of the 2022 Gartner® Magic Quadrant™ for Security Service Edge (SSE) there is an abundance of information on the newest framework created to address security requirements in a cloud-first world. SSE was introduced in 2021 to refine Secure Access Service Edge (SASE) by focusing on the convergence of security capabilities within the framework. Check out my blog breaking down SSE and SASE for a more in depth explanation.
To keep pace with the demands of a digital-first economy, organizations are accelerating cloud adoption and expanding work-from-anywhere initiatives. But as operations become more efficient, security teams struggle to keep pace. Existing solutions are not built to scale and can’t provide seamless access that safeguards data, which now reside in countless applications on premises and in the cloud.
When a leading financial technology provider began posting record success and rapid customer growth, it needed a holistic security strategy to protect its customer data and comply with regulations such as the Payment Card Industry Data Security Standard (PCI DSS) and the California Consumer Privacy Act (CCPA).
Here’s a scenario that was unlikely just two years ago: permanently telecommuting from Honolulu to your financial job on Wall Street. Fast forward to today, the world has accepted that productivity is just as feasible from the beach as it is from a skyscraper. In fact, according to Upwork, nearly 5 million people in the U.S. have moved because of remote work since 2020 with another 19 million planning to do so.
Ransomware is not a new attack vector. In fact, the first malware of its kind appeared more than 30 years ago and was distributed via 5.25-inch floppy disks. To pay the ransom, the victim had to mail money to a P.O. Box in Panama.
It is becoming increasingly difficult to guarantee a safe boundary for your sensitive data. As work-from-anywhere cements, employees are now collaborating freely with each other, with contractors and with partners. But this freedom to collaborate more broadly also means information is being shared among devices, applications and networks that your organization doesn't necessarily have control over.
We live in an IT world surrounded by buzzwords that are largely marketing gimmicks. Zero Trust, for example, is a concept no one actually understands and is slapped onto everything, including derivatives like Zero Trust networks (ZTN) and Zero Trust network access (ZTNA). Then there’s Secure Access Service Edge (SASE), Security Service Edge (SSE) and everything that falls under these frameworks such as Cloud Access Security Broker (CASB), Secure Web Gateway (SWG).
Large construction firms rely on a vast network of architects, engineers, project managers, contractors, and suppliers to collaborate on projects of all sizes and complexities. While the digitization of the construction industry has made it easier for these project teams to share information, it also expands the cyber-attack surface.
