Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In a world where cybersecurity threats are increasingly prevalent, the U.S. Securities and Exchange Commission (SEC) has taken a significant step towards ensuring transparency and accountability in how companies manage these risks. The SEC has adopted new rules requiring companies to disclose material cybersecurity incidents and provide annual updates on their cybersecurity risk management, strategy, and governance.

As organizations across the globe grapple with the growing issue of cyber attacks — 2023 cybercrime costs are expected to hit $8 trillion — organizations are realizing that more than technical tools are needed to stay ahead of mounting threats. Even one mistake by an untrained employee can have serious consequences and result in a data breach.

Like other under-resourced organizations, schools face cyber attacks from malicious actors that can impact their ability to safely perform their basic function: teach children. Schools face email, phishing, and ransomware attacks that slow access and threaten leaks of confidential student data. And these attacks have real effects. In a report issued at the end of 2022, the U.S.

Many industries are experiencing rapid growth thanks to the seemingly overnight advancement of new technologies. Artificial intelligence, for example, has swiftly gone from a vague possibility to being a major component in numerous digital systems and processes. Another technology that has somewhat snuck up on us is blockchain.

Last month, Adobe’s Chief Trust Officer Dana Rao testified to Congress about the importance of content provenance, encouraging Congress to require platforms to maintain proof of origin for content, ensuring that “attributions are not stripped away, and artists can receive credit for their work.” Following Rao’s testimony, Google, Microsoft, Amazon, and other AI leaders met at the White House to voluntarily agree to “ Develop and deploy mechanisms that enable users to under

In today's world, cybercriminals are learning to harness the power of AI. Cybersecurity professionals must be prepared for the current threats of zero days, insider threats, and supply chain, but now add in Artificial Intelligence (AI), specifically Generative AI. AI can revolutionize industries, but cybersecurity leaders and practitioners should be mindful of its capabilities and ensure it is used effectively.

Most organizations are still using weak forms of multi-factor authentication (MFA), a survey by Nok Nok has found. These forms of MFA can be bypassed if an employee falls for a social engineering attack. “72% of organizations still use phishable MFA factors for their customer-facing applications,” the researchers write. “The cost and risk of lost or stolen data, business, and funds from compromised accounts is motivating organizations to make MFA mandatory for their customers.

As a security awareness practitioner, keeping your pulse on industry - and geographical - benchmarking data and best practices is always a good way to measure your organization’s security awareness success. That’s why KnowBe4 has launched its Phishing Benchmarking Analysis Center. It’s intended as a fun, interactive digital hub that allows you to slice and dice security awareness benchmarking data from across various industries and geographical regions.