Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

For months now, journalists and cybersecurity experts, including UpGuard, have been following the movements of the hacker collective “Scattered Lapsus$ Hunters,” a sort of supergroup of the already well-known cybercriminal entities ShinyHunters, Scattered Spider and Lapsus$. Now, this collective has launched a website where they can extort payment from entities in return for delisting and deleting their data.

Organizations across the globe are witnessing an unprecedented pace of transformation. In the ever-evolving landscape of governance, risk management, and compliance (GRC), staying ahead of change is more critical than ever. Successful companies are embracing dynamic change management policies to integrate GRC seamlessly into their strategic operations. The landscape of GRC is evolving.

Securing your applications couldn’t be more important in today’s fast-moving world of software development. Organizations face mounting pressure to deliver innovative software at an accelerated pace, yet this speed must never compromise security. This is where DevSecOps becomes crucial. With threats constantly getting smarter, developers need effective tools to write secure code right from the start.

When a fast-scaling digital bank began seeing widespread employee adoption of generative AI tools like ChatGPT and Gemini, their security team faced a growing dilemma: how do you protect sensitive data without shutting down innovation?

Despite having modern DLP and CASB tools in place, they lacked the behavioural insights and real-time context needed to guide employee use of GenAI tools. Shadow AI use was growing, and SecOps lacked clear visibility into which incidents required intervention.

The Governance, Risk, and Compliance (GRC) team and the Security Operations Center (SOC) shouldn’t be working in silos. Yet in many organizations, these teams operate with different data, priorities, and goals, missing a critical opportunity to strengthen the organization’s overall resilience. When GRC and SOC collaborate, the organization is better prepared, whether it’s responding to a real-world attack, passing an audit, or navigating the daily chaos of the cyber threat landscape.

The UK government is strengthening its cybersecurity legislation with the Cyber Security and Resilience Bill (CSRB), an update to the 2018 Network and Information Systems Regulations. Modelled on the EU’s NIS2 Directive, the new Bill significantly expands cyber risk obligations across the UK’s digital ecosystem, targeting gaps exposed by recent high-profile breaches.

Consider this scenario: a critical zero-day vulnerability is announced for a popular enterprise software and you, as a threat analyst, are tasked with briefing leadership on which threat actors are exploiting it and how. You start to research and are immediately overwhelmed. One news site reports on a Chinese APT using the exploit, another blog details an Iranian group, and a third report lists CVEs without context.