Elastic + Cribl help organizations migrate SIEM and keep it simple

SIEM (security information and event management) migration is rarely easy. However, when budget constraints, performance issues, or new requirements to further reduce organizational risk lead you down that path, it’s often a good idea to investigate ways to simplify the process. Elastic® and Cribl® have partnered to provide our customers with tools that simplify the process and provide ongoing value to your security operation.

4 Tips for Effective Cyber Vigilance as Your Attack Surface Expands

Cyberattacks are on the rise. In 2022, there was a 38 percent increase in global attacks compared to the previous year—and security teams are struggling to keep up. It now takes an average of 277 days for teams to identify and contain a breach. With so many alerts being received by the Security Operations Centers (SOCs) each day, how do teams decide which issues to address first?

The New Era of AI-Powered Application Security. Part Two: AI Security Vulnerability and Risk

AI-related security risk manifests itself in more than one way. It can, for example, result from the usage of an AI-powered security solution that is based on an AI model that is either lacking in some way, or was deliberately compromised by a malicious actor. It can also result from usage of AI technology by a malicious actor to facilitate creation and exploitation of vulnerabilities.

12 Best Practices for Banking and Financial Cybersecurity Compliance

Financial data is a desired target for cybercriminals. Hackers frequently attack financial institutions such as banks, loan services, investment and credit unions, and brokerage firms. Security incidents in the financial sector are extremely expensive (surpassed only by the healthcare industry), with the average total cost of a data breach reaching $4.35 million in 2022.

Everything You Need To Know About Insider Threats

An insider threat is a cyberthreat that happens within an organization. Insider threats occur when current or former employees, partners, contractors or vendors cause sensitive data and systems to become compromised or steal data for their own malicious purpose. Insider threats can be intentional or unintentional, depending on the goal of the insider and whether the insider is working with someone else.

TD Ameritrade Suffered a Breach: Investors are Concerned

TD Ameritrade is a large-scale investment company with more than 11 million clients throughout the world. The organization has more than 6,000 independent investment advisors, manages more than $1 trillion in assets, and is a big deal in the investing community. That's why it's frightening to learn that the company was breached recently and that personal and likely financial data was lost in the process.

Darknet Diaries host Jack Rhysider talks about hacker teens and his AI predictions

It’s human nature: when we do something we’re excited about, we want to share it. So it’s not surprising that cybercriminals and others in the hacker space love an audience. Darknet Diaries, a podcast that delves into the hows, whys and implications of incidents of hacking, data breaches, cybercrime and more, has become one way for hackers to tell their stories – whether or not they get caught.

What's in the Proposed Amendment to 23 NYCRR 500?

New York State’s Department of Financial Services (DFS) recently published a proposed amendment to its cybersecurity regulation affecting New York financial institutions. Part 500 of Title 23 of the New York Codes, Rules and Regulations (23 NYCRR 500) governs cybersecurity requirements for financial services companies. When first adopted in 2017, it was the first comprehensive cybersecurity regulation from a state government to govern the financial services sector.

XS leaks: What they are and how to avoid them

Cross-site leaks (XS leaks) are a class of web security vulnerabilities that allow hackers to obtain sensitive information from a user’s browsing session on other websites or web apps. Modern web applications share data through various features and APIs — a function attackers can exploit to access this user data.