Monday, May 30th, 2022, Microsoft issued CVE-2022-30190 for a Remote Code Execution vulnerability with the Microsoft Support Diagnostic Tool (MSDT) in Windows: “A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application.

“Software is eating the world.” That phrase entered the high-tech lexicon in 2011, courtesy of Marc Andreessen, co-founder of both Netscape and venture capital firm Andreessen Horowitz. His thesis is proven time and again. If you substitute data for software, it amplifies the power of Andreessen’s observation. Consider the following statistics on how much data is created every day: Technology users alone generate more than 1.145 trillion MB of data every day!

As financial institutions migrate to modern infrastructure and cloud services, bad actors have extended their skills and capabilities to achieve their missions. This is compounded by the fact that financial and payment vehicles continue to go virtual. Even the slightest breach can result in fines and reputational harm. Many financial institutions are successfully taking a risk-based approach to cybersecurity, according to our recent co-sponsored study with ThoughtLab.

Retailers are facing a more challenging cybersecurity environment than ever, according to a new study, Cybersecurity solutions for a riskier world. With physical and digital worlds colliding, greater levels of regulation, and more savvy cybercriminals, executives agree that we have entered a new era of cyber risk. In fact, 30% of retailers say they are not prepared for the threats ahead. In response to these changes, the role of the retail CISO is expanding.

Cyber attacks on corporate networks were up 50% in 2021, and it’s expected that 2022 will see more of the same. Elastic Endpoint Security includes a variety of protection layers to ensure maximum coverage against different types of malware. There have been a few examples recently of the need for fast, accurate updates of user environments in order to protect against the latest malware.

Cyber resiliency is the new norm in cybersecurity. Nothing can be 100% secure, and you’re looking for a cost-effective solution to enhance your security posture. At the same time, the rapidly expanding cybersecurity technology market makes it hard to find something that best fits your needs. Most people looking at Security Information and Event Management (SIEM) platforms want a tool that gives them high fidelity alerts to prevent their security analysts from drowning in false positives.

Using the NIST framework, ThoughtLab recently concluded a cybersecurity benchmark study that spanned across industries, including telecommunications. There is an urgent call to action for organizations to think and implement cybersecurity processes and technologies more strategically. The study shed some positive light for telecom companies as compared to peer industries.

Let’s admit it — switching to a new SIEM can be tough. And expensive. But even when it isn’t tough or expensive, it’s always scary.

One of the universal truths in technology is that security always lags behind innovation. Companies must move quickly as they seek to innovate, increase efficiencies and be disruptive in ever-crowded markets. Living on the bleeding edge means you will get a few cuts, but the risk of not adopting new technologies is greater than those of a few system failures or breaches. One challenge is that it is often not apparent what new risks exist until boundaries are pushed.