The Turkish government is proposing a controversial new cybersecurity law that could make it a criminal act to report on data breaches. The new legislation proposes penalties for various cybersecurity-related offences. But they key one which has people concerned is this: The problem is, of course, that such a law may discourage the reporting of any potential data leaks.

The modern threat landscape is vastly different than it was just a few short years ago. The cloud is no longer a tool running alongside on-premises infrastructure. It’s now the backbone of modern organizations — nine in ten businesses see the cloud as “essential for growth,” according to a Deloitte study. It’s easy to see why, as cloud computing unlocks numerous efficiencies for small to mid-tier organizations looking to compete on a global scale.

One of the primary goals of information security is to protect data, which of course entails protecting the resources that store and provide access to that data. According to the NIST Cybersecurity Framework, organizations need to develop and implement the necessary protections to restrict or mitigate the effect of a possible cybersecurity incident. Security should be integrated right from the source of the cloud architecture design process.

The Digital Operational Resilience Act (DORA) came into effect on January 17, across the EU. This new regulation aims to fortify the cyber security defences of financial services firms and their suppliers against digital threats. Understanding DORA is crucial for businesses as it unifies cyber security regulations, reducing vulnerabilities and ensuring compliance. In this blog, we'll explore what DORA entails, its key components, and its implications for both EU and UK-based financial institutions.

It’s been over a decade since DevSecOps was introduced as a transformative approach to software development, but adoption remains uneven. Despite its promise of seamless integration between development, security, and operations, only 38% of organizations report fully automating the addition of new projects, branches, or repositories into their security testing queues.

Increasing frequency, new threat groups emerging, the rise of ransomware-as-a-service (RaaS) attack model, and third-party attacks are just a few of the dangerous trends Trustwave SpiderLabs details in Energy and Utilities Sector Deep Dive: Ransomware Trends. This report supplements the just released 2025 Trustwave Risk Radar Report: Energy and Utilities Sector. This broader and more comprehensive report analyzes the energy and utilities sector’s major threats and trends.