Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Research shows that most of today’s cyberattacks occur when a cybercriminal gains access to a system through stolen credentials. Users with extra privileges, particularly IT administrators, are often targeted by threat actors who steal those privileges to access sensitive information and take control of systems. With an increase in virtual and hybrid work, across both the public and private sectors, these kinds of attacks are only becoming more common.

Security information and event management (SIEM) systems are crucial to cyber security, providing a solution for collecting and analyzing alerts from all manner of security tools, network infrastructure, and applications. But simply having a SIEM is not enough because to be truly effective, it must be properly configured, managed, and monitored 24x7.

CommScope is a massive tech company with more than 30,000 employees. The organization works with companies around the world and helps to establish network infrastructure systems for hospitals, schools, federal agencies, and more. CommScope is based out of Hickory, North Carolina, and has been in business since 1976. The massive company has an annual revenue of 9.23 billion USD and manages substantial networks for businesses throughout the United States.

Data breaches are harmful to the companies they hit as well as their customers, and this week telecommunications and networking companies were hit especially hard. T-Mobile and AT&T both suffered from serious breaches that put their customers at risk of being exposed. Networking giant CommScope was the victim of a vicious ransomware attack, putting network infrastructure technology at risk. Grocery chain Albertson's and dating sites were also exposed this week.

One of Canada’s largest credit unions, Coast Capital Savings Credit Union (CSS), with over 50 branches across the country, needed to protect critical PII data stored in their AWS cloud environments, Amazon Redshift, AWS EMR, and AWS S3. CSS had to meet Canadian regulatory standards for compliance in 2021, including the Personal Information Electronic Documents Act (PIPEDA), along with a data transformation initiative surrounding its architecture.

The proliferation of sensitive data continues to grow unabated, particularly for support agents using Zendesk. The Zendesk’s CX Trends 2022 Report found that ticket volume had increased across all channels, with webform/email up 10% YoY and chat up 17% YoY.

At RSA Conference 2023, a number of Netskopers from across the organization who attended the event in San Francisco shared commentary on the trends, topics, and takeaways from this year’s conference.

When you say, “SOAR is Dead,” you’ll get some attention, and that’s exactly what happened at RSAC 2023. But it wasn’t just a statement that created the buzz.

New research from the Cyentia Institute found that 98% of organizations do business with a third party that has suffered a breach. The report also found that the average firm has 11 third-party relationships and hundreds of indirect fourth- and nth-party relationships. Bottom line: an expanding attack surface makes companies more prone to cyberattacks.

Achieving and maintaining Cybersecurity Maturity Model Certification (CMMC) compliance is a critical requirement for organizations operating within the defense industrial base. As a comprehensive SIEM solution, UTMStack offers advanced features and capabilities that not only streamline the compliance process but also inspire confidence in security and protection.