Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Small and medium businesses are the backbone of many economies, yet they often do not have the same level of cybersecurity as larger businesses. This is because they think that they are too small to be a target, or they believe that their cybersecurity measures are adequate. In this blog post, we will discuss why SMBs are doing cyber security wrong – and how to get it right!

Cyberattacks often target the retail sector, although many of these threats are aimed at the e-commerce channel, businesses have also reported incidents where in-store Wi-Fi access points and even IoT devices are exploited as attack vectors. This is reflected in several studies, which reveal that, together with the education sector, the fashion industry was one of the hardest hit last year and 60% of retail companies are at risk of suffering an attack.

On today’s episode of the Future of Security Operations Podcast, Thomas speaks with Jason Barnes — the former Head of Global Security Operations at Netskope and current Senior Director at Charter Communications.

The team at LimaCharlie continues on its mission to develop the concept of Security Infrastructure as a Service. We added three new team members during the month of June with more coming! We also hosted a webinar on securing your CI/CD pipeline built around some new capabilities we added which allow for the ingestion and monitoring of GitHub audit logs. You can watch a recording of that webinar here: SecDevOps & LimaCharlie - Automating and auditing of GitHub access

At 2022’s AGConf (1Password’s annual employee conference), every employee received a goodie box to celebrate the event and the company’s successes over the past year. Our theme this year was “space”, so the goodie box included a kit for a Lego rocket ship (very appropriate considering our own CEO is a Lego aficionado).

As many threat actors and groups seek to utilize recently discovered vulnerabilities, the Cyberint Research Team found several XFiles stealer campaigns, in which Follina vulnerability was exploited as part of the delivery phase. Follina is one of the most widespread vulnerabilities discovered throughout 2022. The vulnerability allows a threat actor to perform a remote code execution (RCE) through malicious Word documents. XFiles stealer is a vastly used info stealer that took off during the end of 2021.

The job of a CISO is one of constant change and unexpected challenges. One of the most energetic environments to govern is that of a university. Universities function not only as academic institutions, but also as research hubs, hosting both curious students, as well as notable scholars. This is an audience not known for slow-motion progress. They need results, and they expect them quickly. At a large university, the responsibility of a CISO is dizzying.

The widespread adaptability and integration of tools and the professionals who can effectively use them to comply with the law will significantly impact the careers of both lawyers and other legal personnel. One of the fastest-growing areas in the legal profession in the United States is Privacy Law. Privacy certifications endorse attorneys as credentialed privacy lawyers. Privacy certifications can boost income streams and growth potential while increasing job stability and sustainability.

With the rising trend of digitization, major companies like Airbnb, Microsoft and Twitter are staying out of the office, moving processes online and allowing employees the option to work from home. Organizations are adopting remote and hybrid working models. As a result, many people are spending more than double the amount of time online as they did pre-pandemic.