Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cloud-based solutions are becoming increasingly common in businesses across industries. Utilizing the cloud allows organizations to seamlessly access data across devices and users, making operations more efficient using digital transformation. However, cloud solutions also present many security concerns, increasing the need for cloud security.

The National Institute of Standards and Technology (NIST) developed the NIST 800-171 framework to set guidelines and security requirements for protecting controlled unclassified information (CUI). NIST first created the framework in June 2015 but has since revised the publication several times, most recently in November 2023.

Third-party risk management (TPRM) software is essential for any organization that utilizes third-party providers. If not monitored and managed, third-party vendors pose significant risks to the companies they work with, including cybersecurity, operational, financial, and legal/regulatory/compliance risks. TPRM software works seamlessly to help reduce this risk and provides your organization with ongoing monitoring to address vulnerabilities before they become significant security incidents.

CVE-2024-0204, a critical authentication bypass exploit in Fortra's GoAnywhere Managed File Transfer (MFT) software, allows unauthorized users to create admin users and bypass authentication requirements. GoAnywhere MFT was previously targeted by the Clop ransomware group with CVE-2023-0669. Fortra released a security advisory for CVE-2024-0204 in January 2024 following their December 2023 patch release. Any use of Fortra GoAnywhere MFT versions predating 7.4.1 are affected by the vulnerability.

Industries that collect user data, such as finance, healthcare, and government, are high-profile targets for DNS attacks because the data is compelling for malicious actors. Incorporating a variety of security mitigations, including Domain Name System Security Extensions to prevent spoofing attacks, can help an organization prevent data breaches and protect its users and their data from misuse.

Modern slavery is a pervasive global issue all businesses must be aware of to ensure fair working conditions, liveable wages, and safe labor practices exist across their supply chain. Some organizations may be surprised to find out that slavery is still a global concern, as individuals often use the term in a historical context. However, this does not change the fact that victims of modern slavery continue to suffer behind closed doors around the globe.

Tracking key performance indicators (KPIs) will allow your organization to assess and elevate its third-party risk management (TPRM) program. By monitoring specific metrics over time, your risk management team will be able to reveal your TPRM program’s overall health and particular areas where personnel can implement changes to improve localized performance. According to one 2023 study, about 98% of organizations worldwide are connected to at least one breached third-party vendor.

The cost of a data breach continues to rise every year as new attack methods, new vulnerabilities, and new risks appear. According to IBM’s Cost of a Data Breach Report 2023, the average cost of a data breach in 2023 was USD $4.45 million, a 2.3% increase from 2022’s cost of $4.35 million.

The ISA-62443 series of standards, developed by the International Society of Automation (ISA), is a comprehensive set of guidelines for ensuring the security of Industrial Automation and Control Systems (IACS). ISA 62443-2-1:2009 is one specific standard within this series that focuses on establishing an industrial automation and control systems security system.

The International Society of Automation (ISA) and the International Electrotechnical Commission (IEC) started creating the 62443 series of standards in 2002.

Cybercrime is a growing problem for higher education. Between 2020 and 2021, cyberattacks targeting the education sector increased by 75%. In line with other industries, the education sector is also experiencing a dramatic increase in ransomware attacks. According to the 2022 Verizon Data Breach Investigations Report, 30% of data breaches in the industry were attributed to ransomware attacks.

Between cloud storage and smart devices, remote access to various services has become a mundane fact of life. Remote access empowers software developers and system administrators to manage technical infrastructure without requiring physical access to the server, which supports cloud-based services. Remote desktop solutions can also aid remote users with troubleshooting.

Two chainable zero-day vulnerabilities face Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS): CVE-2023-46805 and CVE-2024-21887. All supported versions of the Ivanti Connect Secure and Policy Secure Gateways are currently at risk, and Ivanti has confirmed that customers have experienced active exploitation. ICS was previously known as Pulse Connect Secure. ICS offers a virtual private network (VPN) gateway, while IPS provides network access control.

Part of being a part of the cybersecurity industry means looking ahead to the future and anticipating what’s to come. For most of us, we should expect a 2024 that is largely dominated by AI discussion. With the cybersecurity industry growing rapidly, AI is at the forefront of every organization’s cyber plans and plays an integral role in all technological advances.

Digital threats have led to new cybersecurity regulations that organizations from various industries must follow. Staying compliant with cybersecurity regulations can be legally required, depending on the type of regulation, and organizations face steep penalties if they are non-compliant. With so many different regulations to adhere to, organizations often utilize cybersecurity compliance solutions to help them track compliance over time.

Communication protocols govern data transmission between computer networks. These protocols, such as File Transfer Protocol (FTP) and Simple Mail Transfer Protocol (SMTP), determine how data is transferred between devices through a port, which is a unique connection endpoint for a specific service. Because file transfer moves files over the internet, insecure file transfer ports create opportunities for hackers to send their own malicious payload or for other threat actors to intercept traffic.

Vulnerability management is a critical aspect of vendor risk management (VRM). Organizations prioritizing third-party vulnerability management can mitigate third-party risk, ensure regulatory compliance, protect sensitive data, and maintain business continuity.

One of the foundational areas of cybersecurity is securing web applications. Millions of users visit different websites daily, exchanging sensitive information and data. Securing your organization’s web applications includes many tools like authentication protocols, data encryption, network defenses, and more. A good place to start evaluating your organization’s web application security posture is by using a security questionnaire.

Apache Log4j 2, a Java-based logging library, was affected by a zero-day vulnerability on December 9, 2021. The vulnerability, known as Log4Shell and identified by the National Institute of Standards and Technology (NIST) as CVE-2021-44228, allows cybercriminals to take control of vulnerable systems and servers. Many web applications, open-source cloud platforms, and service providers utilize Log4j.

Open ports that direct traffic to and from machines in the office could become an attack vector, especially as more employees return to a physical office environment. If attackers can access your network through an unsecured and often forgotten port, then your sensitive data could be at risk. This article considers security risks for ports related to office machinery.

Cybersecurity is becoming a critical concern as various industries depend on digital infrastructure. To protect sensitive information from cyber threats, governments worldwide have introduced cybersecurity regulations for specific sectors that help secure digital ecosystems and prevent cyber attacks. Understanding the specific regulations for your organization’s industry is essential for risk management.

Google Safe Browsing is a set of policies to help users remain protected and aware of potential security threats when using Google products. Google has offered Safe Browsing protections since 2005, and most users are familiar with the cautionary notice that precedes potentially dangerous websites.