Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Active Directory (AD) is prolific, with an estimated deployment at 90% of organizations worldwide. Meanwhile, Entra ID deployment is increasing, as is the prevalence of Hybrid environments which deploy both. The widespread use of AD makes the repository a target for cybercriminals. Although rarely discussed, identity, access privileges, and cybercrime are intrinsically linked, with 90% of organizations being victims of at least one identity-related incident in 2023.

Cyber security testing serves as a vital line of defense against potential breaches, identifying vulnerabilities before they are exploited by malicious actors. As businesses increasingly operate in digital realms, understanding the critical need for thorough security evaluations becomes undeniable. With regulatory compliance and data integrity at stake, implementing comprehensive security testing is no longer optional.

As security and risk leaders look to the year ahead, they face a rapidly evolving and dynamic set of challenges. The implementation of more stringent cybersecurity standards—such as the U.S. Security and Exchange Commission’s (SEC) rules and the EU’s Network and Information Security Directive 2 (NIS2)—has placed boardroom scrutiny at an unprecedented level.

As organizations evolve to embrace cloud-native architectures and distributed teams, the limitations of legacy access solutions like virtual private networks (VPNs) and bastion hosts have become apparent. Once reliable for securing static, on-premises environments, these tools do not scale well for securing modern infrastructure, are expensive to maintain, increase security vulnerabilities, and can hinder regulatory compliance.

SOC teams often wrestle with clunky, siloed reporting tools that lack real-time, connected capabilities. Analysts end up buried under a mountain of fragmented xdata, forcing teams to spend valuable hours tracking down answers to their most pressing questions, rather than tackling threats head-on. At Torq, we feel SOC reporting should be your power move, not a painful process.

The Transportation Security Administration (TSA) has proposed new rules requiring those under its jurisdiction to follow specific cyber risk management (CRM) requirements, report cybersecurity incidents in a certain timeframe, and address physical security concerns. This is positive news for the transportation industry, as hundreds of attacks have been leveled against the sector. These attacks have the potential to impact the supply chain, create chaos, and endanger human lives.

Can you imagine a modern working world without Software-as-a-Service (SaaS) applications? Productivity, communication, and project management solutions have transformed the modern workplace, enabling hybrid and remote working, helping to cut costs, and offering unprecedented opportunities for collaboration and innovation. Without them, the business world would grind to a halt.

Clients are the heart of any business, be it service based or product based. But clients play a more important role in service-based business due to the consistent to and fro contact. For Managed Service Providers, building a lasting relationship with clients will take efforts but it is the foundation of a successful MSP business. Here’s how you can strengthen your client relationships.

Following the emergence of data-leak sites (DLSs) for extortion group Morpheus earlier this year, Cyjax has discovered a DLS for a new extortion outfit going by the name GD LockerSec. Read on to find out what we know so far.

The threat landscape is evolving at an unprecedented rate, with organisations facing increasingly complex and malicious cyber threats. As cyber-attacks grow in frequency and sophistication, Cyber Threat Intelligence (CTI) has emerged as a critical focus for many organisations striving to counter these rising challenges effectively.