The Securities and Exchange Commission (SEC) has introduced a new rule for public companies that requires them to be more transparent about cybersecurity incidents. The new rule requires companies to disclose any material cybersecurity incidents within four business days of that determination. The disclosure should describe the material aspects of the incident, including the nature of the incident, the impact on the company, and the company's response.

Anyone who has played a Tower Defense-style game, (Plants Vs. Zombies being a favourite) knows the only way to hold off the hoard of brain-eating zombies is to know your weaknesses before the next wave attacks and to plan accordingly. Oddly, preparing a cybersecurity defense is somewhat similar: the player/organization knows attacks are coming, they have an idea from where and how they will be conducted, and they need to place the proper pieces on the board at the right place to stay safe.

The European Union introduced the EU Cybersecurity Act to boost cybersecurity measures and cyber resilience across EU member states. With a digitally connected Union, having consistent regulations for cybersecurity measures across member states is vital in protecting against cyber attacks.

In today’s rapidly evolving digital landscape, businesses are increasingly turning to cloud solutions to power their operations, streamline processes, and drive innovation. Among the leading players in this domain, Microsoft Azure stands out as a versatile and robust cloud platform that offers a wide array of services to meet diverse business needs. However, with great power comes great responsibility, and ensuring your Azure cloud’s security is paramount.

After a series of high-profile cryptocurrency heists, a state-sponsored North Korean malicious hacking group is poised to cash out millions of dollars. That's the opinion of the FBI, which this week has warned cryptocurrency companies about recent blockchain activity it has observed connected to the theft of hundreds of millions of cryptocurrency in recent months.

The Internet of Things (IoT) has unlocked a realm of innovation and transformation, promising to revolutionize industries across the board. Author Felipe Fernandes successfully points out in his article for Forbes “Mastering IoT Implementation: Strategies For Successful Outcomes,” the success of IoT initiatives hinges on careful planning, strategic execution, and a commitment to addressing key challenges.

In today's interconnected world, where digital transactions have become the norm, it is vital to be aware of the ever-present threat of fraud scams and take proactive measures to protect your hard-earned money. Whether it's one of the many types of cybercrimes (phishing emails, identity theft, online shopping scams, or investment fraud), fraudsters are constantly devising new ways to exploit unsuspecting individuals.

Research shows many companies now own and operate more than 60 disparate security tools, yet breaches continue to make headlines. Throwing more tools at the problem is a tactic that simply doesn’t work and— with trends pointing toward tighter security budgets—may not even be possible anymore. Security leaders are now in a position that requires them to ask tough questions and carefully scrutinize new security tools before pulling the trigger on purchases.

CISA added CVE-2023-24489 to the Known Exploited Vulnerabilities Catalog in August 2023. CVE-2023-24489 is an access control vulnerability impacting the use of Citrix ShareFile StorageZones Controller version 5.11.24 and below. Citrix ShareFile is a real-time collaboration platform. While ShareFile primarily offers a cloud-based file-sharing application, there are some features that accommodate data storage through the use of a storage zone controller.