Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Oftentimes, three-letter acronyms trend and become buzzwords. At other times, they act as catalysts by influencing the business environment in which an organization operates. Such acronyms include CSR (corporate social responsibility), GRC (governance, risk, and compliance), and the most recent one, ESG (environmental, social, and governance). These are important business concepts that drive investment considerations and organizations’ cybersecurity commitments to customers.

Small and medium-sized enterprises are increasingly turning to managed service providers (MSPs) to take charge of their cybersecurity. This trend was highlighted in a Pulse survey last year, where 88% of the businesses surveyed had contracted cybersecurity tools from external providers and 55% had opted directly for an outsourcing model with MSPs. But as the demand for MSPs grows, so does the competition among them.

With how much of our personal and professional lives take place online, it becomes more important each day for us to understand our vulnerability to cyberattacks. Cybercriminals target emails, domains, and accounts in order to impersonate identities and scam consumers and businesses alike. In 2021 alone, email spoofing and phishing increased by 220% and caused $44 million in losses. It is crucial to employ defenses to protect against these attacks.

A recent survey of nearly 2,000 IT professionals found that while most (85%) enterprises believe cloud technologies are critical to innovation, only 40% actually have a security policy in place. On top of this, almost half of the respondents using cloud infrastructure reported their engineers and developers circumvent or ignore cloud security and compliance policies, demonstrating the importance of automation and monitoring technology.

Since the advent of the internet, personal data has been collected by internet companies in exchange for free services or content. This barter was also intended to provide personalized services to users. However, these data harvesters started selling data to advertising agencies for huge profits, which resulted in predatory marketing efforts towards internet users.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Some useful tools have been launched on AWS to try and stem the flow of breaches which usually result from bad configuration. Check them out.

Payment fraud is a huge problem for eCommerce and online retail businesses. Even among the world’s biggest companies, there are horror stories about payment security problems like credit card data theft and financial fraud: Cyberthreats like carding attacks are responsible for most modern large-scale data theft. Payment fraud losses cost companies more than $33 billion in 2021 — and this is expected to rise to more than $40 billion by 2027.

When you hear the term “chatbot,” your mind may at first turn to things like robotic customer support services on retail websites – a relatively mundane use case for chatbots, and one that is probably hard to get excited about if you’re a security engineer. But, the fact is that chatbots can do much more than provide customer support.