Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The US Securities and Exchange Commission (SEC) adopted new rules for cybersecurity risk management, strategy, governance, and incident disclosure by public companies on July 26, requiring public companies to disclose material cybersecurity incidents within four days of an attack. Additionally, registrants must annually report their process, if any, for assessing, identifying, and managing material risks from cybersecurity threats.

Weaknesses within software supply chains create a foothold for exploitation from cyberattacks. The problem is so significant that even the White House released an Executive Order that speaks directly on this topic. “The Federal Government must take action to rapidly improve the security and integrity of the software supply chain,” states the Executive Order emphatically. Now, you may be wondering what your organization can do to mitigate this risk.

No matter your organization’s maturity, industry, or business goals, cybersecurity should always be top of mind. Considering the Australian Cyber Security Centre (ACSC) recorded a staggering 76,000 cybercrime reports in the 2022 financial year, it’s safe to say that all organizations are at risk for an incident or breach.

With its treasure trove of sensitive information swirling inside vulnerable legacy software, the healthcare industry fits the profile of an almost textbook-perfect cyber attack target. This is why ransomware attacks are so popular within the healthcare sector. Threat actors have very little trouble getting into the industry’s network, and they know the data they compromise is too valuable to end up on the dark web.

With cybercriminals continuously improving their breach tactics, the tech industry can no longer solely rely on point-in-time cyber resilience evaluations like penetration testing. Point-in-time assessments now must be combined with continuous attack surface management for the most comprehensive awareness of data breach risks.

First things first, ChatGPT is awesome! It can help you work more efficiently — from summarizing a 10,000-word document to providing a list of differentiations between competing products, as well as many other tasks.

Our team has been hard at work creating updates and new features just for you, see what we’ve been up to over the last month.

Yesterday the US Securities and Exchange Commission (SEC) voted 3-2 to issue long-awaited regulations that mandate uniform cyber incident disclosures for public companies. The SEC’s rulemaking progress has been lengthy and controversial, and cybersecurity experts and business advocates have been eagerly awaiting the release of the final rules after more than a year of public comment and lobbying from business and cyber experts.

Typosquatting represents a significant threat to cybersecurity. But what exactly is it? How does it work? What threats does it pose to your cybersecurity? How can you prevent these threats and how can you deploy application security against them?

The financial services sector is one of the highest performing in terms of cybersecurity. One factor that contributes to this performance is regulation. Laws such as FFIEC IT, the Gramm-Leach-Bliley Act, NYDFS, GDPR, and SOC2 have placed pressure on financial services companies to build and enforce some of the strongest cyber risk management programs across any industry. You should consider another factor, which is money.