Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Researchers at Trustwave have published a report outlining trends in business email compromise (BEC) attacks, finding that these attacks spiked in February of 2023. “For the first quarter of the year, we saw a 25% increase in unique attacks compared to the last quarter of 2022,” the researchers write. “February accounted for the highest volume of BEC emails in the first half of the year. January is the second most active month for BEC.

You may have heard that 1Password beta testers can sign into websites using passkeys stored in their vaults. We’re actively developing the internal library powering passkey authentication, and now we’re open-sourcing it!

Cybersecurity is complex — anticipating cybersecurity events is another challenge altogether. We could argue that most events can be described by some probabilistic phenomenon, but attempting to define that phenomenon is where things get tricky. IT environment exposure presents real risks, but mathematically (or statistically), we can only aim to describe the likelihood of a cyberattack by accounting for a finite set of factors.

Security analytics is a proactive approach to cybersecurity that uses data collection, aggregation and analysis capabilities to perform vital security functions — including detecting, analyzing and mitigating cyberthreats. Security analytics tools such as threat detection and security monitoring are deployed to identify and investigate security incidents or potential threats such as external malware, targeted attacks and malicious insiders.

Today, we are thrilled to share that WatchGuard has again been honored as part of CRN’s MES Midmarket 100 list for 2023! CRN’s prestigious annual MES Midmarket 100 program recognizes forward-thinking vendors that serve midsize customers with products and services designed to address the midmarket's unique needs.

The Network and Information Security 2 (NIS2) Directive is the European Union's (EU) second attempt at an all-encompassing cybersecurity directive. The EU introduced the legislation to update the much-misinterpreted Network and Information Security (NIS) Directive (2016) and improve the cybersecurity of all member states. It signed NIS2 into law in January 2023, expecting all relevant organizations to comply by October 18th, 2024.

In the ever-evolving cybersecurity landscape, businesses face an exhaustive battle to safeguard their valuable data while complying with industry regulations. To address these challenges, innovative solutions have emerged to enhance network security. Network visibility remains a crucial focus. The profound impact of heightened visibility cannot be ignored, as it plays a crucial role in fortifying network security and achieving compliance objectives.

Just as lifeguards vigilantly safeguard swimmers at the beach, endpoint security plays a critical role in protecting our digital environment.

At TrustCloud, we’re on a mission to democratize compliance, so we’re kicking off GRC Newsflash – a series where our experts give you a quick rundown on the latest buzz happening in the GRC, security, and privacy world. Today’s edition features our Compliance Specialist Frank Kyazze, and covers updates of the NIST Cybersecurity Framework 2.0, announced on August 8, 2023.

Cyberthreats and ransomware attacks can be crippling for municipalities and county government offices. Local government employees need to access a growing number of systems, applications and databases to perform their duties, while the rise of remote work has drastically increased the attack surface of a typical small government office.