Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Can you enumerate every single network socket which can be used to hack into your cloud environment and steal your data? When counting, are you including the laptops of people who already authenticated and have access? The purpose of opening with this question is not to instill fear. Trying to answer it probably leads to “it’s complicated” and the complexity of access is what this article will cover. Complexity is our collective enemy in the computing industry.

The FBI and CISA (the Cybersecurity and Infrastructure Security Agency) have jointly issued an advisory to organisations, warning about an increase in the number of attacks coinciding with weekends and holidays. With the Labor Day weekend rapidly approaching, the agencies have reminded businesses to be especially vigilant, remain diligent about their network defences, and “engage in preemptive threat hunting on their networks to search for signs of threat actors.”

We now live in an online-first world, accelerated by the events of the pandemic in 2020. Fraudsters have taken advantage of these conditions, using automated bot attacks to prey on businesses and consumers. To quantify the devastating financial impact bots are having on businesses of all types, Netacea surveyed 440 businesses from across the USA and UK. Read the full results in our report: What Are Bots Costing Your Business?

Increasingly, companies are becoming aware of the importance of building threat detection and hunting capabilities that avoid putting their businesses at risk. Now more than ever, when it comes to both protecting enterprise cybersecurity and delivering effective IT security solutions and services, organizations and MSPs can no longer simply act when cyberattacks occur, but long before they even pose a threat.

The Office of Management and Budget’s memo mandates a maturity model for event log management, sets agency implementation requirements, and establishes government-wide responsibilities. Fortunately, Splunk solutions can help agencies comply with the new mandates.

Does your Splunk app integrate with a third-party service or API? If so, that service might require your app’s users to authenticate using a secret. You can securely store and retrieve secrets in an app using the capabilities of the Splunk platform.

If you are an IT manager looking for information to present to your bosses to emphasize the need for an effective cybersecurity training program, new data from a 2021 research study might be just what you need.

Confidentiality, Integrity, and Availability. These are the three core components of the CIA triad, an information security model meant to guide an organization’s security procedures and policies. While people outside the information security community might hear the phrase CIA Triad and think “conspiracy theory,” those in the cybersecurity field know that the CIA Triad has absolutely nothing to do with the Central Intelligence Agency.