Active Directory (AD) handles sensitive organization data like user credentials, personal information of employees, security permissions, and more. Because of this, AD is prone to being targeted by cyber attackers. Malicious actors are constantly coming up with new attack strategies, making it a challenge for organizations to secure their AD environment. This is why it’s essential that every organization formulates a cyber defense strategy to combat cyber threats and protect their AD.

This week it was revealed that a huge credential stuffing attack had cost sports betting organization DraftKings $300,000. More specifically, cyber-crooks had used credential stuffing to gain access to many DraftKings customer accounts via a large-scale account takeover (ATO) attack and withdrawn funds. DraftKings has subsequently reimbursed the affected accounts, leaving the business out of pocket rather than its customers.

Enterprise email encryption is a must-have security tool for anyone who wants to safeguard data that’s in transit. The truth is, there are numerous types and technologies available to help you with this, but what you need for your business ultimately depends on how seriously you want to take the protection of your own, and your clients’ or customers’ data.

‍HECVAT (Higher Education Community Vendor Assessment Toolkit) is a security assessment questionnaire that measures the cybersecurity risk of third-party vendors for higher education institutions. It helps universities ensure that their third-party vendors have implemented proper security practices and policies, which are measured against a comprehensive list of security controls, to protect the large amounts of sensitive data and personally identifiable information (PII) they manage.