Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Wall Street Journal recently published an article about using highly-emotionally charged, “controversial”, subjects in simulated phishing tests. Controversial topic examples include fake pay raises, reward gift cards, and free Taylor Swift tickets. The younger half of our team is convinced the latter topic would have completely tricked them.

A new report sheds light on whether CISOs have been the victim of a cyber attacks, if they're every paid a ransom, their greatest cyber concerns, and much more. While most of the reports I cover on this blog are typically surveys of those "in the trenches," we do like to cover analysis of c-suite perspectives. The CISO Report from Splunk provides some interesting insight into experienced cyber attacks and their impact.

As increasing percentages of businesses experience cyberattacks, new data provides details on where the most organizational risk lies. According to U.K. cyber insurer Hiscox’s Cyber Readiness Report 2023, attacks are on the rise: With these increases, how prepared are organizations? According to Hiscox, organizations are spending money on the problem; the median cybersecurity spend is a little over $1.39 million (with enterprises spending $4.9 million).

Securing your Kubernetes environment and workloads is paramount in today’s digital landscape. Calico is the industry’s only active security platform with full-stack observability for containers and Kubernetes. Calico prevents, detects, troubleshoots, and automatically mitigates exposure risks of security breaches across multi-cluster, multi-cloud, and hybrid deployments.

This week, threat actors targeted the vital aspects of many companies characterized by their robust cybersecurity. 23andMe got hit early on, suffering demographic and relationship exposures that may target Ashkenazi Jews and Chinese descendants. The D.C. Board of Elections was also targeted, potentially exposing the voter information of 600,000+ individuals. Flagstar Bank and Air Europa also suffered, leaking the payment information of their trusting consumers.

Mobile app security refers to the measures, protocols, and practices implemented to protect a mobile application, its data, and its users from unauthorized access, data breaches, vulnerabilities, and cyberattacks. This includes implementing encryption, authentication, access controls, secure coding practices, and regular security assessments to mitigate specific threats and risks to the mobile app and its ecosystem.