The Data Security and Protection Toolkit (DSPT), an online tool, is undergoing significant changes. From September 2024, the DSPT will now align with the National Cyber Security Centre’s Cyber Assessment Framework (CAF) to enhance cybersecurity measures across the NHS. This shift will impact many NHS organisations and require adjustments to their data security and protection toolkit strategies.

Microsoft 365 is the standard in modern enterprise environments, offering a robust suite of productivity and collaboration tools. With millions of users accessing sensitive data from various devices and locations, security vulnerabilities can arise, making it highly attractive for cybercriminals seeking to exploit and steal valuable data.

The Association of Certified Fraud Examiners (ACFE) recently released a report Occupational Fraud 2024: A Report to the Nations, where they estimated that most organizations lose about 5% of their revenue each year due to fraud. We have joined in our support of International Fraud Awareness Week and applaud the ACFE and their efforts to help raise awareness and reduce fraud that hurts all of us, whether we work for these organizations or are consumers of the goods and services they provide.

Cloud technology is rapidly becoming necessary for everyone to secure data online. Still, it has never been more important for businesses to evolve to the shifting digital landscape and migrate their data to the cloud. The public cloud computing market is estimated to be $675 billion this year, and it includes services related to business processes, platforms, infrastructure, and software.

When we think about our data being leaked onto the internet, we often picture it as our financial records, our passwords, our names and addresses... what is less often considered is the exposure of our private medical information. A French hospital has found itself in the unenviable position of learning that hackers have gained access to the medical records of over 750,000 patients following a cyber attack.

Zero Trust is a network security model that dictates that no one or no system should be trusted by default and that every attempt to access a network or application is a threat. For those who are naturally trusting of others, this concept is difficult to accept. However, distrusting every entity on a network until it has been verified is imperative today.

The first segment of this series highlighted anomaly detection and behavioral analytics for an early warning system regarding suspicious activities. But it is very important for mature adversaries for security teams to have tools in an arsenal to maintain the front-foot position.

Advanced Persistent Threat (APT) actors have become a significant concern for organizations worldwide, as they pose a substantial threat to sensitive information and critical infrastructure. One such APT actor is the Lazarus Group, also known as Hidden Cobra, which has been active since at least 2009. In this blog, we will delve into the motivation and recent activity of the Lazarus Group, highlighting their tactics, techniques, and procedures (TTPs) and the MITRE ATT&CK techniques they employ.

Learn how Tanium's innovations and automation capabilities are empowering customers to build confidence and resiliency.

In the early days of cloud security, like in the early days of endpoint, the focus was on prevention. This makes sense: preventative measures are an essential way to reduce risk. Blocking known threats and attack paths makes sense as a way to harden an organization’s cloud estate. For many organizations, a prevention-only strategy in the cloud might seem completely sufficient for reducing risk – and it is to an extent. But prevention alone can only go so far.