Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Bitsight's leading analytics and workflows allow Nomura Asset Management to effectively reduce cyber risk across credit portfolios through targeted engagement. The increasing frequency and complexity of cyber attacks makes one thing clear - cyber risk is inextricably linked to business performance. This has prompted investors to prioritize cyber risk assessments within their portfolios.

The FBI’s Internet Crime Complaint Center (IC3) newly-released Internet Crimes Report provides an unbiased big picture of the cyber crimes that were the most used and most successful. A few weeks ago we covered the alarming trends on ransomware, and FBI’s IC3 division took in over 880,000 complaints last year from individuals and businesses about every cyber crime being committed. Unfortunately, the details on overall cyber crime show things are not improving.

New data shows increased expertise in leveraging and exploiting cloud environments. CrowdStrike’s 2024 Global Threat Report shows that targeted attacks on cloud environments have increased, signaling that the cybercrime economy has realized the “untapped market” of the cloud environment.

Netskope Threat Labs publishes a monthly summary blog post of the top threats we track on the Netskope platform. This post aims to provide strategic, actionable intelligence on active threats against enterprise users worldwide.

Q4 2023 presented a complex security landscape with a mix of both positive and negative trends On the one hand, activity associated with larger ransomware-as-a-service (RaaS) operations, such as LOCKBIT and BLACKCAT, declined due to the success of major takedown operations. However, negative patterns also continued, like the ongoing focus of threat actors on the professional services industry.

Read our highlights from SCaLE 21x, where the community focused on all things open source, not just Linux, with over 270 sessions on DevOps, cloud tech, and security.

GitHub Actions and the GitHub GraphQL API are powerful tools for automating and optimizing workflows. GitHub Actions, released in 2018 brings CI/CD directly into the GitHub ecosystem and automates general project management using YAML files. Whereas, a 2-year earlier-released GraphQL API provides a more efficient way to fetch and manipulate data.

In today's digital landscape, where cyber threats are ever-evolving and data breaches can have devastating consequences, zero-trust security has emerged as a robust approach to protect organizations and their critical systems. At its core, zero-trust challenges the traditional notion of inherent trust within network boundaries, advocating for a holistic security posture that treats every entity as a potential threat until proven trustworthy.

Trust is vital to success in our industry. Whether you’re creating and managing software for use internally, by other businesses, or direct-to-consumer, you need to be able to create trust with your end users. This can be accomplished, in part, by showing evidence of security measures, bringing the right people and tactics to the table, and working collaboratively to address challenges.

All industries are at risk of credential stuffing and account takeover (ATO) attacks. However, some industries are at a greater risk because of the sensitive information or volume of customer data they possess.