Threat groups intending to cause widespread damage often opt to use a supply chain attack, as seen in the massive supply chain compromise that struck VOIP software provider 3CX on March 29. Trustwave SpiderLabs has issued a blog detailing the attack and upcoming steps to mitigate the problem. Striking an organization's supply chain simplifies the attack process by eliminating the need to strike multiple targets by instead focusing on breaching one organization that is key to many others.

Mobile device management (MDM) refers to a type of software that allows businesses to manage, configure and secure mobile devices used by their employees. Companies use MDM solutions to maintain a secure environment across all the mobile devices they own or have access to, as well as provide features such as remote wipe, password policies, application management and data protection. This helps them ensure security while providing their employees with access to the applications and data they need.

For someone who interacts with managed service providers daily, I am often asked to highlight the differences between our Office 365 security app Octiga and a SIEM that provides similar functionality OR a Microsoft native tool such as Secure Score. I thought, why not create an informative piece for our users who wish to understand Octiga services better?

‍ Data from the International Organization for Standardization (ISO) shows that ISO 27001 certification is one of the most rapidly-growing standards, with nearly 59,000 valid certificates in place as of December 2022. As a compliance framework that is based upon the core cybersecurity principles of people, processes and technology, ISO 27001 compliance provides your organization with significant benefits. So, you need to take action now.

What do public school students, BMW dealers, Canadian defense engineers, and the world’s richest human have in common? They all fell victim to some manner of cybercrime during March. We’ve seen time and time again that no group is off-limits in the world of cybercrime, and the span of attacks we’re covering this month highlights cybercriminals lack of preference when there’s data and money on the line.

Ask a cybersecurity professional what keeps them up at night and you’ll get answers about insufficient staffing, IT complexity or constant attacks on their business. Quantum computing isn’t likely to make the list. Yet as technological change accelerates, real quantum risks are coming into view. Now is the time to prepare corporate IT systems for the “death” of classic cryptography to safeguard data and privacy in the future.

TMX Finance is a large financial company that specializes in short-term loans for in-need individuals. The company has been in operation since 1998 and runs businesses like InstaLoan, TitleMax, and TitleBucks. The organization maintains more than 900 locations in 14 separate states and employs more than 2,000 individuals overall. This large finance company recently suffered from a cyber attack that exposed some of its customers in a serious way.

The threat of ransomware has been ever present in 2020, especially within the high-stakes industries like healthcare and those involved in the election. According to Verizon's 2019 Data Breach Investigations Report, 24% of security incidents that involved specific malware functionality exhibited ransomware functionality.

This past month at Vanta we launched a new brand, 32 new integrations, support for multiple & distinct identity providers (IdPs) and much more to improve the Vanta experience: ‍ ‍