At Rubrik, we’re committed to delivering the best data management capabilities seamlessly to our customers and partners. Customer Trust was one of the first functions we focused on building, because Rubrik’s customer-first philosophy is founded on the core pillars of transparency and security. Our goal is to deliver the same, seamless service Rubrik expects from its own suppliers and vendors in every customer and partner interaction.
The COVID-19 pandemic has fundamentally shifted the cyber threat landscape for Australia’s health sector, with the Australian Cyber Security Centre (ACSC) reporting a 84% increase in the number of cyber security incident reports relating to the health sector between 2019 and 2020.1 As custodians of vast volumes of highly sensitive information, the industry continues to find itself at the mercy of cyberattacks that paralyze systems until a ransom is paid—threatening the security of patient d
Trust isn’t given, it’s earned. As the Russian proverb advises, Доверяй, но проверяй — or as U.S. President Ronald Reagan liked to repeat, “Trust, but verify.” We designed JFrog Pipelines to securely support a large number of teams, applications, users and thousands of pipelines.
We have been witnessing an ever growing amount of supply chain security incidents in the wild. Everything from open source package managers security flaws being exploited to continuous integration systems being compromised to software artifacts being backdoored. And now, those incidents are starting to extend to the place where developers spend most of their time: their integrated development environment, and specifically the Visual Studio Code IDE.
To stay ahead of attackers, we constantly monitor various security threats. One of these threats — supply chain attacks — aims to compromise an organization through its software development process. Recently, a huge spike in supply chain attacks was observed — dependency confusion was discovered, the SolarWinds breach was reported and more malicious packages were flagged. This certainly drew our attention (as well as the rest of the world’s)!
The next iteration in the history of technology convergence emerged with Gartner’s Secure Access Service Edge (SASE). Networking and security vendors have been integrating capabilities for decades, and market adoption of these integrations has only accelerated due to innovations such as virtualization and cloud computing. From a networking perspective, routing of traffic extends far beyond IP and MAC addresses to now include application steering and transport-agnostic overlay networks.
The total number of phishing attacks doubled in 2020, with phishing for cloud credentials, specifically SaaS and webmail app credentials, accounting for nearly a third of the targets of phishing campaigns. Over the same period, we saw cybercriminals hosting 13% of their baits in cloud apps. This blog post summarizes the top phishing trends from 2020 and looks forward at what to expect for the rest of 2021.
Inherent risks include all risks that are present without any security controls. Residual risks are the risks that remain after security controls are implemented. Residual risks are inevitable. Even with an abundance of security controls, vestiges of residual risks will remain that could expose your sensitive data to cyber attacks.This is because the proliferation of digital transformation expands the digital landscape, creating more attack vectors.
Attacks against operational technology (OT) and industrial control systems (ICS) grew dramatically in the past few years. Indeed, a 2020 report found that digital attacks against those two kinds of assets increased by over 2000% between 2018 and 2020. Many of those attacks involved vulnerabilities in Supervisory Control and Data Acquisition (SCADA) systems and other ICS hardware components or password spraying techniques.
The recent executive order calling for immediate improvements in the federal government’s cybersecurity is impressive. I give the Biden Administration a lot of credit for publicly admitting there are significant problems and weaknesses in the federal government’s IT and cybersecurity infrastructure and practices. The order also includes some key points that are significant for Devo and our customers.
