Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The capabilities of cloud computing have changed the digital landscape significantly, and the popularity of cloud solutions only continues to increase. According to Gartner, the market for public cloud services is expected to surpass 700 billion USD by the end of 2024. The growth of cloud technologies presents a wealth of new opportunities for IT teams but also brings a host of security challenges.

CoreWeave is a specialized GPU cloud provider powering the AI revolution. It delivers the fastest and most consistent solutions for use cases that depend on GPU-accelerated workloads, including VFX, pixel streaming and generative AI. CrowdStrike supports CoreWeave with a unified, AI-native cybersecurity platform, protecting CoreWeave’s architecture by stopping breaches.

Most cloud providers use a shared security responsibility model, meaning they secure some areas of the environment but expect the customer to establish security controls in others. AWS is one of the many cloud providers that follow the concept of shared responsibility. Generally speaking, they split responsibility into two categories. AWS focuses on the security of the cloud, such as the infrastructure that runs all AWS services.

This past month, we announced the single destination to showcase your security posture, Vanta Trust Center, 19 new integrations, Private Links for Vendor Risk Management, and more: ‍ ‍

The National Institute of Standards and Technology has introduced a new revision of the Special Publication 800-53, revision 5. As with any document change of this scope there are minor and major changes. This paper will provide a high level overview of the significant changes, addressing a redefined focus in control families, accountability, governance, as well as a discussion of new control families, privacy transparency and supply chain risk management.

Maine hosts over 1.3 million people within a granite and forest landscape. The state government employs under 100,000 individuals but does not contain fewer departments than more populous states like California. Maine’s state departments coordinate with each other by using backend file transfer systems; a globally utilized file transfer tool, Progress Software’s MOVEit application, has put nearly all Maine resident information at risk.

Insurance companies, like other financial institutions, face a range of unique cybersecurity challenges and considerations. Responsible for safeguarding treasure troves of sensitive data, the industry has long been a prime target for cybercrime — a trend that has endured even as today’s IT landscape, and the threats against it, continue to evolve.

The data about the rise of phishing attacks against businesses in the United Kingdom is in, and it’s bleak: UK phishing reports indicate that 79 percent of organizations in the UK were targeted by phishing attacks in the past year. Meanwhile, phishing is the initial attack vector in 36 percent of all data breaches globally, according to Verizon’s 2023 Data Breach Investigations Report. And 80,000 new phishing sites appear every month, according to Cyberint research.

DCRat, also known as Dark Crystal Rat has been around since 2018. It operates as a modular remote access trojan (RAT) offered as a Malware-as-a-Service (MaaS) and has garnered attention due to its cost-effectiveness and adaptability. The malware is purpose-built to provide threat actors unauthorized access to systems by circumventing security measures.

Protecting sensitive data and maintaining customer trust is paramount, and demonstrating your data security commitment is equally important. One way to achieve this is by obtaining a Cyber Essentials certification. But what are the differences between “cyber essentials vs cyber essentials plus”, and how do they impact your organisation’s cybersecurity strategy?