I recently wrote a blog post outlining what to do in the first 24 hours after you have been breached, and in my conclusion I mentioned that capturing the incident in a case study could help unlock budget in future. Today, I want to look at this in more detail, and consider the approaches you can take to analyse the cost of a breach in order to make a request for appropriate preventative spend.

The first quarter of 2022 was rich with many unusual incidents of new ransomware groups, and new techniques. The most notable event of Q1 was without a doubt the ContiLeaks incident, courtesy of the Russia-Ukraine conflict, which lasted till not long ago, at the end of Q2. As the shockwaves of the Russia-Ukraine conflict have faded, when it comes to the ransomware industry, we have seen many families going “back to business”.

Have you ever looked at the curriculum offered in a Computer Science program? Across many different universities, there are some commonalities among the courses students take. Generally, there’s an introductory course in the first semester that introduces students to the world of computer science. Then over the course of subsequent semesters, students take courses about programming (including an introduction to OOP), databases, data structures, etc.

This is the final article of the DevSecOps series and how it overlays onto DevOps lifecycle. In the first article, we discussed build and test in DevSecOps. In the second article, we covered securing the different components of the deploy and operate process. The final phases of the DevOps lifecycle are monitoring the deployed applications and eventually decommissioning when they are no longer needed.

Today’s threat actors often carry out cyber attacks with the primary objective of accessing and exfiltrating sensitive information from your IT environment. Efforts to obtain this “crown jewel” information usually involve complex multi-phase cyber attacks. But another way in which sensitive data ends up in the hands of malicious actors with a lot less effort is when an organization exposes sensitive data assets in a data leak incident.

With flexible work environments now the norm, the use of endpoint devices has increased – whether your organization allows work-from-home days, hires freelancers, and collaborates through email and phone calls. Many employees require access to the corporate network to carry out their daily responsibilities, and endpoint devices allow employees to do just that. That said, endpoints have become one of the biggest attack vectors for cybercriminals since they are easier to target.

If you work in an organization, you’ve probably had to take a cybersecurity training course at some point during your time there. Regardless of whether you work in cybersecurity or not, most of us breeze through the slides or videos, halfway listening to the warnings about spear phishing emails and hacking tactics. We complete the training and then we tuck away the lessons learned until the next year when we have to do it all again.

Kubernetes leverages various deployment objects to simplify the provisioning of resources and configuration of workloads running in containers. These objects include ReplicaSets, lSets, Sets, and Deployments. A pod is the smallest deployment unit in Kubernetes that usually represents one instance of the containerized application.