Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This blog post provides a high-level overview of the latest cybersecurity threats for the month of March, to inform businesses and tech users about key risks. For detailed technical insights, refer to the accompanying PowerPoint briefing available here. Cybersecurity threats escalated in March, with significant attacks, breaches, and vulnerabilities impacting organizations worldwide. From ransomware surges to exploited software flaws, businesses faced a challenging landscape.

Content originally published in Cybersecurity Insiders.

In today’s competitive digital landscape, data is at the heart of business operations. Every transaction, login, and digital interaction generates data, which, when leveraged effectively, drives growth, enhances customer experiences, and improves operational efficiency. However, collecting and managing this data comes with risks—particularly through data logging and data hashing.

Governments across the globe have introduced new legislation to address the escalating risks of cybersecurity threats. In 2021, the United States issued executive order 14028, requiring government agencies to develop a plan for implementing a zero-trust security strategy. This included rolling out multi-factor authentication (MFA), data encryption, and ensuring employees have secure access to the data and applications they need on their devices according to the principle of least privilege access.

Generative AI is changing industries by making automation, creativity, and decision-making more powerful. But it also comes with security risks. AI models can be tricked into revealing information, generating harmful content, or spreading false data. To keep AI safe and trustworthy, experts use GenAI Red Teaming. This method is a structured way to test AI systems for weaknesses before they cause harm.

Between December 2024 and February 2025, the LevelBlue MDR team saw over a dozen attempts and a handful of successful intrusions by threat actors (TAs). Internally, we broadly attribute these attacks to the Black Basta ransomware gang. As outlined by other cybersecurity researchers’ reporting of similar tactics, techniques, and procedures (TTPs) observed; there is a high probability that this activity is from affiliate groups or initial access brokers.

Preparing evidence for a HITRUST Validated Assessment is a detailed process that requires careful organization, proper documentation, and alignment with HITRUST’s control framework. By following the below steps, you will be better prepared for the HITRUST Validated Assessment, increasing your chances of successfully achieving certification.

Each month, we break down critical cybersecurity developments, equipping security professionals with actionable intelligence to strengthen defenses. Beyond threat awareness, this blog also provides insights into incident readiness and response, drawing from real-world experiences in consulting cybersecurity services. Learn how organizations can proactively prepare for cyber incidents, mitigate risks, and enhance their resilience against evolving attack vectors.

In the context of the HITRUST CSF, the PRISMA Maturity Levels are designed to help organizations assess their cybersecurity posture and maturity in relation to security controls and practices. The PRISMA maturity levels are structured to reflect different stages of an organization’s ability to effectively implement and manage cybersecurity controls. Two of the PRISMA levels are Implementation and Measured.

Ransomware attacks have emerged as a significant threat to educational institutions. Cybercriminals encrypt sensitive data and demand payment for its release, severely disrupting school operations and leading to exorbitant recovery costs for districts. With ransomware tactics continually evolving, the security of the entire U.S. education system is at risk.