Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Following CEO and Co-Founder Aleksandr Yampolskiy’s attendance at Davos, and SecurityScorecard’s subsequent visit to Geneva to meet with world leaders at WEF Headquarters, Alex spoke this week to another community of WEF members near our headquarters in New York City during the Forum’s New Champions Leadership Dialogue. New Champions companies are mid-sized organizations transforming industries through new business models and market disruptions.

A major security incident in the crypto field occurred between March 17-18th. Due to a vulnerability that was not caught before the event, unknown crypto hackers were able to drain 1.6 million USD (around 59 BTC) from Bitcoin ATMs owned by General Bytes - the world’s largest Bitcoin, Blockchain, and Cryptocurrency ATM manufacturer.

Vulnerabilities are on the rise, and it's not just the number that's growing; the severity of these vulnerabilities is also increasing. Cybercriminals are taking advantage of these vulnerabilities to launch sophisticated attacks, leading to data breaches, ransomware, and other devastating cyber incidents.

AI Trust, Risk and Security Management (AI TRiSM) is an emerging technology trend that will revolutionize businesses in coming years. The AI TRiSM framework helps identify, monitor and reduce potential risks associated with using AI technology in organizations. By using this framework, organizations can ensure compliance with all relevant regulations and data privacy laws. In this article, you'll learn what AI TRiSM is, how it works, and how organizations can use it for their benefit.

SecurityScorecard is a customer-obsessed organization, which is why we asked ourselves: How can we provide more value to the thousands of CISOs who rely on our security ratings to make smarter, faster business decisions? We now make this guarantee: Qualified customers who maintain an A grade within the SecurityScorecard security ratings platform and still suffer an incident are eligible for complimentary Digital Forensics and Incident Response services.

Enterprises these days are facing a triple threat: stiffer government policies, volatile cyberspace and an extra-competitive economy. And without a well-planned strategy, it will be hard to survive all these and hit high-performance goals. Hence the need for an effective GRC strategy. Since its invention in 2003, GRC as a strategy for achieving organizational goals amidst uncertainty and with integrity, has stayed true to its primary purpose. Despite the increasing turbulence in the economy.

Imagine you've alerted your IT team to a critical infrastructure error plaguing your network. You ask them to drop their current work and focus on immediate remediation of this detected vulnerability. After further investigation, however, it is found to be a false positive. Unfortunately, these incidents are commonplace – and they cost your organization valuable time and manpower. More worrying, they distract from legitimate security issues.

In January 2023, PrivateLoader, a malware loader from a pay-per-install malware distribution service called “ruzki”, started to distribute Tofsee (a.k.a. Gheg), a modular spambot. Spambots are typically utilized by cybercriminals to spread malware and phishing emails, and this particular one has been in operation since at least 2008.

As technology becomes more prevalent in our lives, the risk of cybersecurity incidents is also increasing. Cybersecurity incidents can cause significant damage to organizations, including financial loss, reputational damage, and theft of sensitive data. Therefore, it is essential to have a robust cybersecurity system in place to protect against cyber-attacks. Artificial intelligence (AI) is one technology that can be used to predict cybersecurity incidents and mitigate their associated risks.