Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

memcyco

DORA Compliance Readiness Assesment [with Download]

Feb 7, 2025 By Julian Agudelo In Memcyco
If you’re just discovering the DORA and haven’t yet launched your compliance incentives, start with Memcyco’s DORA compliance guide that’s better suited for those just starting the journey. If you’ve already launched your DORA compliance incentives, this DORA readiness assesment will provide detailed benchmarks to ensure you’re on the right track.
Read Post
manageengine

Top tips: How not to let dark data become a silent threat to your organization

Feb 6, 2025 By General In ManageEngine
Top tips is a weekly column where we highlight what’s trending in the tech world and list ways to explore these trends. This week, we’ll explore a few ways to identify dark data and mitigate the risks it poses. Dark data is a threat to organizations. Despite efforts to prevent it, dark data inevitably makes its way into systems and is often left unaddressed.
Read Post
manageengine

Role-based access control: Your organization's defense against cyberthreats

Feb 6, 2025 By ADManager Plus In ManageEngine
In today’s world, cyberthreats are so prevalent that they expose both public and private organizations to data breaches. A single account with excessive privileges is enough for a hacker to infiltrate the entire organization. To protect your organization from such incidents, you can delegate permissions to users based on their roles and responsibilities. This is where role-based access control (RBAC) comes in.
Read Post
Featured Post
protegrity

DORA Is Here - But Readiness Concerns Are Far from Over

Feb 6, 2025 By Alasdair Anderson, VP of EMEA In Protegrity
For months, the impending Digital Operational Resilience Act (DORA) deadline has dominated boardroom discussions across the financial sector with its potential to reshape operational and regulatory practices. Now that DORA is officially in effect, attention has shifted to other matters, such as a new US presidential inauguration, AI, and fiscal concerns for 2025. Yet DORA should remain a major cause for concern as the regulation is now active and enforcement has begun. Given its likely strict enforcement, financial organisations and third parties must maintain focus on compliance to avoid major regulatory and operational risks.
Read Post
sedara

Malvertising: Phishing Edition

Feb 6, 2025 By Courtney Bell In Sedara
Online advertising is inevitable on countless websites and services across the Internet. Some attackers have learned to exploit online advertising services to deliver attacks, sometimes called “malvertising.” There are sophisticated attacks in the wild that capture user credentials – even MFA – with a malicious sponsored link and exploit the resulting access.
Read Post
netacea

Digital Shoplifting: Understanding and Combating Online Retail Fraud

Feb 6, 2025 By Alex McConnell In Netacea
According to the British Retail Consortium (BRC), shoplifting in the UK is surging. Reported cases jumped from 3.7 million to 20.4 million within a year. Viral social media clips show brazen daylight shoplifting. Reports quote frustrated shopkeepers afraid to intervene. Experts in retail, law, and economics debate the causes, blaming the economy, policing, organized crime, and justice systems. While physical shoplifting dominates headlines, digital shoplifting is equally bold and costly.
Read Post
jfrog

NIS2 Compliance in 2025: Compliance Doesn't Have to Mean Complexity

Feb 6, 2025 By Danny Parizada In JFrog
The Network and Information Systems Directive 2 (NIS2) is the European Union’s effort to fortify cybersecurity across critical industries and services. Building on the original NIS Directive, NIS2 has broadened its scope, introduced stricter requirements, and placed greater emphasis on supply chain security. Now that the October 2024 transposition deadline has passed, organizations must focus on maintaining compliance and integrating robust cybersecurity measures into their operations.
Read Post
CrowdStrike

Improving Kubernetes Security: Lessons from an Istio Configuration Finding

Feb 6, 2025 By Amit Serper - Travis Lowe In CrowdStrike
As a part of our ongoing work to secure cloud computing infrastructure, we delved into the inner workings of some popular Kubernetes add-ons. Our first subject of research was Istio, a popular service mesh add-on. Istio is an open-source service mesh for Kubernetes that manages communication between microservices. It provides traffic management, security, and observability features without requiring code changes.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.