With the rise in popularity of technologies such as HashiCorp Terraform, Docker, and Kubernetes, developers are writing and maintaining more and more configurations in addition to building the application itself. The growing use of infrastructure as code presents security complexity and the potential for risk that developers often struggle with as their workloads increase and more advanced skills are required.
September confirmed some things we already knew about the current state of cybercrime: While undersecured corporate targets remain tempting targets for hackers, the situation is increasingly worse for data-rich organizations such as governments, schools, and healthcare facilities. All of those sectors had cause for concern as the month drew to a close.
When we discuss cybersecurity and the threat of cyber attacks, many may conjure up the image of skillful hackers launching their attacks by way of undiscovered vulnerabilities or using cutting-edge technology. While this may be the case for some attacks, more often than not, vulnerabilities are revealed as a result of careless configuration and inattention to detail. Doors are left open and provide opportunities for attacks.
This is the age-old question faced by so many tech teams: do we build or buy a system we need? TL:DR, Buying can save your engineer time for building the core stack and for the fun experiments needed to determine when to shake up the core stack.
When it comes to cybersecurity, vulnerability management is one of the older technologies that still play a critical role in securing our assets. It is often overlooked, disregarded, or considered only for checkbox compliance needs, but a proper vulnerability management program can play a critical role in avoiding a series data breach. CIS Control 07 provides the minimum requirements, table stakes if you will, for establishing a successful vulnerability management program.
Are you in the process of evaluating privileged access management solutions? Read on to learn what you should focus on to choose the right PAM solution to protect your organization’s data.
Supply chains are at the front of everyone’s minds right now. From fuel and food to toys at Christmas – the general public are starting to understand just how finely balanced the global supply chain truly is. Events like microchip shortages in Taiwan and the Ever Given blocking the Suez canal show how interconnected modern economies are, and how dependent our huge populations are on effective supply chains.
Since the Cybersecurity Maturity Model Certification (CMMC) was released in January 2020, there has been a lot of hand-wringing over what it means and who should actually care. This is especially true for AEC firms, many of which figure this regulation only applies to big system integrators and defense contractors like Northrup Grumman and Boeing. But CMMC isn’t just about large enterprises. Any organization that currently contracts with, or plans to contract with the U.S.
These days, when I cautiously venture to my favourite shopping mall on a weekend, I notice how different it is from a year-and-a-half ago, when no one had ever heard of COVID-19. It is busy, but not nearly as busy as it was back then. Sadly, I can rarely find my shoe size as merchandise stocks are low due to COVID-related supply chain issues.
Search engine optimization is one of the most important aspects of any business’s online marketing strategy. A well-maintained SEO plan provides a low-cost, long-term stream of relevant traffic into a website. Conversely, bad SEO can be very damaging to a business. Poor visibility on search engines like Google hands revenue over to competitors, forces higher spend on PPC advertising, and can damage trust with potential customers searching for you online.
