As digital transformation picks up pace, companies are working with more vendors than ever. According to Gartner, 60% of organizations now work with more than 1,000 third-party vendors — including partners, sub-contractors, and suppliers. These third parties are essential to helping businesses grow and stay competitive, but third parties can also introduce unwanted cyber risk and overhead into the organization.

As everyone looks about, sirens begin to sound, creating a sense of urgency; they only have a split second to determine what to do next. The announcer repeats himself over the loudspeaker in short bursts... This is not a drill; report to your individual formations and proceed to the allocated zone by following the numbers on your squad leader's red cap. I take a breather and contemplate whether this is an evacuation. What underlying danger is entering our daily activities? 1…2….3….

The multiplicity of devices and the need to access network resources from anywhere has blurred the traditional security perimeter and extended it beyond the office, making endpoint security an essential pillar of a company's cybersecurity strategy. Both antivirus (AV) and endpoint detection and response (EDR) solutions are designed to secure devices. However, these solutions provide very different levels of protection.

SOC 2 (Service Organization Control 2) provides a framework for assessing and reporting on the security, availability, processing integrity, confidentiality, and privacy of systems and data of service organizations. It was developed by the American Institute of Certified Public Accountants (AICPA) to address the need for consistent and comprehensive security and privacy controls in service organizations.

Join security engineer Kayssar on a captivating journey as he delves into the achievements and challenges encountered by GitGuardian's security team throughout the year. And distills invaluable insights on fostering a culture of security awareness and openness within a rapidly expanding scale-up.

Summer is here, and things are heating up in the cybersecurity sphere. June saw a third-party vulnerability spiral into the furthest-reaching cyber attack of the year thus far, while separate attacks cut into summer plans for gamers, vacationers, and commuters alike.

On the 6th of July 2023, a joint advisory was published by CISA, the FBI, and CCCS (Canadian Center for Cyber Security) warning of a malware campaign actively exploiting a Remote Code Execution (RCE) vulnerability in Netwrix Auditor (CVE-2022-31199) for initial access.

USAA Auto Insurance is one of the leading insurance companies in the country today and is known for offering reliable coverage to many people in the country. The organization was founded in 1922 with a group of Army officers and has since expanded dramatically. The organization serves millions of individuals and has detailed information for so many customers that it's a real risk that the company recently went through a data breach.

A strong misconception abounds that managed providers are impervious to data loss. The truth, however, is that accidents can happen at any time, to any business. Finding a provider that takes data backup and protection seriously, therefore, is critical to the well-being of your business. Opti9—a leading provider of managed cloud solutions—is one company that is addressing this problem head-on.

It has been another significant week for data breaches in the United States. TSMC, the largest semiconductor company in the world, was hit by an attack that will impact major companies like Apple and others, and so were a huge number of insurance companies. Jackson NAtional, Talcott Resolution, and USAA were all victims of data breaches. So was UCLA, the massive public university.