Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week we explore website cookies, their role in managing user identity and behavior, and the key ingredients to a safe cookie policy. There’s no worse way to enter a website than to be met with a cookie consent encounter. But how many of us click “Accept All” without much thought, just to rid ourselves of the interruption?

In over 600 data breaches, 40 million individuals were affected across the globe due to the MOVEit Transfer vulnerability. Between June 2023 and the present day, healthcare information, educational records, financial records, personal information, Social Security numbers, and insurance details have been either stolen or wiped out by threat actors who abused the MOVEit Transfer vulnerability.

Recent events, including the 2020 COVID-19 pandemic, shifts in demand, and labor shortages have shone a spotlight on supply chain resilience – or lack thereof. In response, business leaders recognize that becoming more resilient is a necessity and are looking at strategies for doing so. As a best practice, Gartner recommends that companies diversify their manufacturing networks, utilize regional or local supply chains, add buffer capacity, and more.

As the world shifted into remote work and distant learning during the pandemic lockdown, e-commerce accelerated as more consumers turned to online shopping apps and websites. Customers who shop online are familiar with email confirmation for their orders. But what if you receive an email confirmation for something that you never bought? It might be a fake order scam, and they are now being sent through Google Groups.

Imagine constructing a building without a blueprint or cooking a complex recipe without a list of ingredients. It would be a chaotic and inefficient process, right? The same principle applies to manufacturing and production. That's where the Bill of Materials (BOM) comes into play. In this article, we will explore the meaning, purpose, and diverse types of BOMs, illustrating how they serve as the foundation for seamless production processes.

The Securities and Exchange Commission (SEC) has introduced a new rule for public companies that requires them to be more transparent about cybersecurity incidents. The new rule requires companies to disclose any material cybersecurity incidents within four business days of that determination. The disclosure should describe the material aspects of the incident, including the nature of the incident, the impact on the company, and the company's response.

Dell disclosed a Compellent vulnerability affecting VMware users. Let's take a closer look to learn to safeguard your data, prevent coding mishaps, and ensure online security.

Whether you’re a large or small business, the cybersecurity framework by the National Institute of Standards and Technology (a federal agency of the U.S. Department of Commerce) offers an efficient roadmap to an improved cybersecurity posture. Compared to other popular cyber frameworks, like ISO 27001, NIST CSF is more effective at mitigating data breaches, especially during the initial stages of implementing a cyber risk management program.

At the heart of nearly every digital transformation strategy is a core focus on flexibility, scalability, and, most importantly, security. Amazon Web Services (AWS), a leader in the cloud services sector, empowers organizations to execute complex business processes while ensuring priority is given to robust AWS security practices. When you choose to move your data and applications to the cloud, security certainly takes a front-and-center role.

Digital transactions and personal data sharing have become the norm, and protecting sensitive financial information is now more important than ever before. This is where a PCI-Qualified Security Assessor (QSA) comes in.