Most companies sit in the middle of a supply chain. You provide a service or product to your customers, but you also use third-parties who enable your business operations. To secure data, you need to engage in increasingly stringent due diligence to mitigate supply chain risk.

Once upon a time, businesses needed to take light cybersecurity precautions to ward off amateur hackers. A business owner may have recruited their tech-savvy nephew to protect their system, barely worrying about the risk. Today, the world of cybersecurity has done a 180 — it’s now a top concern for businesses. As businesses swiftly adapt to the changing digital environment, new technology means more cybersecurity concerns.

Year after year we look at the trends and likely scenarios which will shape the email security landscape. In 2019, radical reorganization of the cryptocurrency market may change the way threat actors make financial demands, while email fraud moves from spoofing identities to using stolen identities, making it more effective and harder to detect.

Sandbox environments are a common feature of many cybersecurity solutions in their fight against advanced malware. Firewalls, endpoint protection, and even next-generation machine learning systems use sandboxes as one of their lines of defense. However, not all sandboxes are created equal.

Today, the healthcare industry has become prone to cyber-attacks, just like in any other sector. One notable fact within all those fields is the similarities in existing as well as emerging threats. At the same time, there is an increasing need for organizations to reassure their customers and regulators that their networks and systems have incorporated adequate security measures. One way of achieving this goal includes complying with various recognized security standards and frameworks.

Companies in highly regulated industries are forced to adopt one or more frameworks in order to meet compliance initiatives. There are over 200 security frameworks, regulations, standards and guidelines to choose from that could impact your business at any given time. In no particular order, below are the top security controls frameworks that are pervasive throughout our security industry along with some unique facts about each framework.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Being a popular tool, I do find it odd that while faults in Zip files have been known for a long time, WinRAR has only just been identified with similar issues. Well, better late than never I suppose.

Deploying an application on Kubernetes can require a number of related deployment artifacts or spec files: Deployment, Service, PVCs, ConfigMaps, Service Account — to name just a few. Managing all of these resources and relating them to deployed apps can be challenging, especially when it comes to tracking changes and updates to the deployed application (actual state) and its original source (authorized or desired state).

Gone are the days when our greatest inklings of insider threats were employees who never wanted to take vacation and did everything to avoid letting others see the financial records they were maintaining. Today, insider threats come in a concerning variety of forms with consequences often exceeding millions of dollars. As time passes, more industries than ever before are feeling the sting of security incidents and breaches stemming from their very own trusted employees and partners.

Given you’re here, you’re likely new to this topic, so please be aware in that fileless malware, fileless malware attack, and fileless attack are different words for the same thing. With that clear, let’s jump in!