Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

If you think security is all about risk management, cybersecurity expert Greg van der Gaast thinks you’ve got it all wrong.

In the dynamic landscape of financial services, data is not just currency; it's the key to innovation and operational excellence. Data is constantly streamlining from devices, logins, transfers, transactions, and much more, and it’s bound to increase with an ongoing reliance on digital channels. This creates a massive opportunity and responsibility for financial institutions, as their customers (and regulators) demand more from banking providers.

The United States Department of Veterans Affairs (VA) is a federal agency that provides comprehensive healthcare services, benefits, and support to military veterans and their families. The VA operates a nationwide system of hospitals, clinics, and benefits offices focused on ensuring the health, welfare, and dignity of those who served in the United States armed forces.

The telecommunications sector provides critical infrastructure for many countries, enabling the exchange of information across various industries. Due to the widespread use of digital information in telecommunications, the sector has become a prime target for cyber threats from hackers, state actors, and cyber criminals. In 2023, telecommunications experienced higher credential stuffing rates than other sections, according to F5.

Earlier this week, we debuted our mini-series on the SEC’s new cybersecurity rules. In case you missed it — and, understandably, don’t have the bandwidth to backtrack — Part I explored how the (seemingly perpetual) explosion in data creation, data value, and IT complexity since the dawn of the digital age has come to shape our society. In particular, we note why these trends are responsible for our current IT predicament, namely, the rise in threats, risks, and regulations.

In this blog, we will demonstrate how Zeek’s metadata approach can help focus patching efforts related to the recent SSH “Terrapin” attack. One of the interesting aspects to bear in mind as you read this is that Zeek provides visibility of the vulnerable elements of this encrypted protocol, and thus serves as a reminder that network monitoring is still very much relevant, even in a heavily encrypted world.

In an era where cyber threats are becoming increasingly sophisticated and pervasive, securing endpoints is paramount. Microsoft Defender for Endpoint emerges as a key player in the cybersecurity arena, offering comprehensive protection against a wide array of threats. This blog post delves into how Defender for Endpoint is revolutionizing endpoint security through the use of advanced threat protection technologies.

In the modern digital landscape, the importance of document assessment and data extraction in ID verification processes cannot be overstated. These technologies are pivotal for businesses and organizations to ensure security, compliance, and efficient customer onboarding. With the rapid digitalization of services, from neobanks to telehealth, efficient and secure digital customer acquisition has become crucial.

Securing organizations against today’s most advanced threats continues to be challenging, with APIs (Application Programming Interfaces)playing an increasingly central and vulnerable role, especially as digital transformation marches on. The NIST Cybersecurity Framework 2.0 (CSF) release underscores the urgency of addressing evolving threats and now emphasizes the importance of governance in Cybersecurity.

Working remotely has allowed organizations to enhance their efficiency and provide employees with flexibility. However, remote work comes with cybersecurity risks that can often lead to data breaches and jeopardize an organization’s security. The five cybersecurity risks of remote work are using weak passwords, an insecure internet connection, unencrypted file sharing, an expanded attack surface and the use of personal devices.