Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Clearing Up Elements of Cloud Security | Ep 24
In this episode, Tripwire's Brent Holder and Raymond Kirk discuss what cloud security means today. Breaking down the different aspects of cloud security controls, they cover the technology, security implications and risks with cloud use.
8 Benefits of Implementing a Zero Trust Architecture
Offers threat protection against both internal and external threats– External threats or hackers act from outside the organization and have to overcome the external security defense system to have access to the organization’s data. Malware, Phishing, DDoS attacks, ransomware, Trojan, worm, etc. are some of the methods used by hackers to gain entry into the organization’s corporate network. Unlike external threats, internal ones are usually hard to detect.
Federal Effort to Improve Cybersecurity Prioritizes Log Management
In May, President Biden issued an executive order designed to improve cybersecurity in the federal government and, by extension, the nation. Recently, details have started to come out about what this much-needed effort will involve. The latest development is a memorandum from the Office of Management and Budget that focuses on data log collection and analysis.
Without MFA organizations won't get coverage
Recent cybersecurity incidents and ransomware attacks are driving companies to apply for cyber insurance. Meanwhile, over the last 12 months the rate of ransomware attacks has skyrocketed in both frequency and severity, driving significant changes in the cyber insurance marketplace. In years prior, cyber insurance submissions were simple and it was easy to obtain bindable quotes from multiple vendors.
Featured Post
Dev-first SAST: Increase your developer productivity while staying secure
Static application security testing (or SAST) used to be a term coined by the security team, to help developers test their code early in the software development life cycle (SDLC). Unlike dynamic testing, it does not require a working application, which allows developers to identify security vulnerabilities while they code, so they can spot them as soon as they appear and fix them when it's easiest and fastest to do so. This cuts down their future workload by decreasing the backlog of issues they'll have to address later.
How Kaseya fell victim to a ransomware attack
On July 2, 2021, the cybersecurity world woke up to yet another ransomware attack—this time, the victim was Kaseya, a software enterprise that provides IT management solutions predominantly to managed service providers (MSPs). The attack made a huge impact, affecting several MSPs and thousands of their customers. So, what exactly transpired in what most cybersecurity experts are calling the largest criminal ransomware attack on record?
Snyk Closes $530 Million Series F Investment at $8.5 Billion Valuation
Investment Reflects Market Shift to Developer Security and Increased Global Demand for Snyk's Developer Security Platform.
Westcon-Comstor Expands Partnership with Juniper Networks
Leading technology distributor magnifies presence in EMEA by growing partnership into Austria, Switzerland and for global customers.
Best Practices for Trusted Third-Party Risk Management
Third parties are a necessary part of your enterprise. They are your vendors, your suppliers, your contractors, and your partners. Without them, you can’t do business. Third parties provide cloud services, store sensitive data, and provide other important services. Unfortunately, third parties are also a major source of cyber risk. Cybercriminals often target third-party providers to target their clients’ data and networks, such as the notorious SolarWinds breach at the end of 2020.
Preparing for IT/OT convergence: Best practices
Modern-day industrial and critical infrastructure organizations rely heavily on the operational technology (OT) environment to produce their goods and services. Beyond traditional IT operations that utilize servers, routers, PCs and switches, these organizations also rely on OT, such as programmable logic controllers (PLCs), distributed control systems (DCSs) and human machine interfaces (HMIs) to run their physical plants and factories.