Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Every IT admin, regardless of the company size or employee count, shares a common fear: data breaches. The horror of discovering their organization’s data exposed on the dark web, accessible to anyone, is definitely a nightmare. So, IT admins are on the constant lookout for leading solutions that protect access to organization data and manage employee identities effectively. But where does the real challenge lie? In managing the employee identities, or their access to data?

Establishing a proactive security posture involves a data-driven approach to threat detection, investigation, and response. In the past, this was challenging because there wasn’t a centralized way to collect and analyze security data across sources, but with Amazon Security Lake it is much simpler.

The Common Vulnerability Scoring System (CVSS) is used to evaluate and communicate the technical severity of software, hardware and firmware vulnerabilities. While CVSS has been around for nearly 2 decades and now stands as an industry standard tool for scoring the severity of a vulnerability, the framework still has its limitations. To mitigate some of these challenges and improve the efficacy of the system, an updated version of CVSS was released in November 2023.

The role of the Chief Information Security Officer (CISO) has undergone a transformation as profound as the threats we face. Between new regulations such as SEC, NIS2, and DORA, the explosion of generative AI, and the rapidly expanding attack surface, the burden is now on cybersecurity leaders to not only protect the organization but build confidence with customers, regulators, board members, and other stakeholders. The key to building trust? Storytelling.

Effective employee monitoring is essential for maintaining productivity and security, especially in heavily regulated industries like finance, government, and healthcare. That’s why at Ekran System we are continuously working to enhance our product’s monitoring functionality. Now Ekran System is introducing new informative and user-friendly dashboards that will help you streamline your insider threat prevention and productivity management efforts.

What tools does the average security operations centre (SOC) use in 2024? What gets in the way when they deploy a new tool? And how stressed are security pros really? These were just some of the questions we wanted to find out the answer to when we partnered with OnePoll at the end of 2023/the start of 2024. Together, we surveyed 250 British and Irish Heads of IT at companies with 500+ employees. Here’s what they said.

Big businesses carving out their place in the digital age find themselves in a constant battle against cybersecurity threats. Despite their access to state-of-the-art technology and substantial financial resources, these commercial giants are not impervious to attacks. The complexity of their networks and the voluminous data they handle magnify their attractiveness as targets for cybercriminals.

SaaS adoption has skyrocketed, offering organizations undeniable advantages. But beneath the surface lurk overlooked configuration errors. Misconfigured SaaS settings create security gaps. Broad permissions, weak defaults, and forgotten accounts jeopardize your security. These issues act as open doors for breaches and unauthorized access. The sheer scale of the problem is staggering – 70% of company software now resides in the cloud.

Yep, it’s that time of year again. The moment when that dreaded questionnaire from your Cyber Insurer lands on your desk like a ton of digital bricks. Suddenly, panic mode kicks in, and you’re transported back to those school days, facing an exam that seemed more daunting than Mount Everest. Remember how you used to play the skipping game with exam questions, hoping for a miracle to help you conjure up some brilliant answers? Yeah, it’s like déjà vu all over again.

This is the third in a series of four posts about shadow IT, including how and why teams use unapproved apps and devices, and approaches for securely managing it. For a complete overview of the topics discussed in this series, download Managing the unmanageable: How shadow IT exists across every team – and how to wrangle it.