Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Much has been made of cyber resilience in recent years. And with good reason: failing to bounce back quickly from a security event can have dramatic financial consequences. In early 2023, Royal Mail took several days to recover from a Lockbit cyberattack, losing upwards of £10 million in the process. However, for all the talk about resilience, the industry seems to be overlooking one of its fundamental tenets: risk management. It is, perhaps, understandable that we overlook risk management.

Whether it's because industrial control systems remain quite vulnerable to attacks, or because these systems manage valuable physical resources and uptime is essential—or a bit of both—attackers are increasingly targeting operational technology (OT) and industrial control systems (ICS).

Fireblocks has consistently led the way in providing the fastest and most diverse range of blockchain support. With a growing list of over 60 supported blockchains, Fireblocks enables our customers to securely custody tokens on the latest chains and quickly build innovative services for their customers. Today, we are excited to announce that Fireblocks has expanded our support for the Cosmos ecosystem – delivering custody, DeFi, and staking support across several leading appchains.

The stakes are higher than ever for CISOs. Just one breach can be catastrophic for an organization, and new rules and regulations add even more pressure. We surveyed 200 CISOs on the current landscape, and asked a handful of them for advice on how to overcome today’s challenges. Here are some of the key recommendations for CISOs who are navigating today’s cyber landscape.

Ongoing social engineering campaign targets enterprises, hackers expand DNS tunneling, and a malvertising campaign leads to ransomware.

As we navigate through 2024, banking fraud continues to evolve, presenting new challenges for financial institutions. Driven by advancements in technology and changing economic conditions, these threats require banks to stay vigilant and adopt robust strategies to protect themselves and their customers.

In Q1 2024, we saw an evolution in techniques used by attackers, some of which may point to longer term trends in the variation and sophistication of attacks faced by organizations. In particular, with regards to phishing, we saw SMS and voice-based tactics being used, which raises concern around the potential for deep fakes and AI-type technologies to further enhance the effectiveness of phishing attacks.

Today we’re excited to announce that Vanta has partnered with HITRUST Services Corp., the leader in cybersecurity assurances, to be the first automated compliance solution for the HITRUST e1 Assessment and reseller of the HITRUST MyCSF platform. Vanta is the first pre-built solution that includes the controls, documents, and policies necessary to demonstrate your commitment to safeguarding data and protected health information (PHI) — all in a way that can be validated by HITRUST. ‍

The widespread adoption of external libraries and packages in the modern application development process introduces potential security risks that could impact the entire application. To address this, Software Composition Analysis (SCA) tools like npm-audit and OSV Scanner play an important role.