The holiday season brings a shift in how people and businesses operate: Some companies may partially shut down, leaving only a skeleton crew to manage their IT environments, while others head into their busiest time of year. This seasonal change in staffing and business operations, combined with the general holiday distraction, often creates risk and makes organizations more vulnerable to cybercrime.

In today’s digital age, the cybersecurity landscape is more akin to an ever-shifting battleground, where the only constant is change. Threat actors continuously evolve their strategies, exploiting new vulnerabilities and adapting to the latest defences.

The basis of Zero Trust is defining granular controls and authorization policies per application, user, and device. Having a system with a sufficient level of granularity to do this is crucial to meet both regulatory and security requirements.

Regularly reviewing user permissions is important to reduce the risk of data overexposure and breaches. Overpermissioned users pose a significant security risk. Restricting access to only necessary information for individuals to perform their jobs can significantly reduce risk. By conducting regular permissions audits in Microsoft 365 and SharePoint, organizations can ensure that sensitive information access remains appropriate, safe and secure.

Read also: Darkode admin gets an 18-month prison sentence, US authorities dismantle the IPStorm botnet, and more.

We recently released the State of Cloud Security study, where we analyzed the security posture of thousands of organizations using AWS, Azure, and Google Cloud. In particular, we found that: In this post, we provide key recommendations based on these findings, and we explain how you can leverage Datadog Cloud Security Management (CSM) to improve your security posture.

Validating the security of your organization’s sensitive information at a single point in time with an annual risk assessment can be helpful, but what about the other 364 days of the year? If you have a cloud application and hope to sell your services to federal agencies, point-in-time assessments won’t be enough.

Many people may be surprised that you can host your cloud storage straight from the comfort of your home. If you knew this was possible, you may wonder which is the best self-hosting solution for you, and chances are you may be considering Nextcloud. If that’s the case, congratulations, you’re in the right place! If not, congratulations anyway for considering an alternative cloud provider and switching to a private cloud storage solution.

Man Bites Dog: In an unusual twist in cybercrime, the ransomware group BlackCat/ALPHV is manipulating the SEC's new 4-day rule on cyber incident reporting to increase pressure on their victims. This latest maneuver highlights a sophisticated understanding of regulatory impacts in ransomware strategies.