Newly-released research reveals the eye-watering costs that the manufacturing sector has suffered in recent years at the hands of ransomware. The analysis, by Comparitech, looked at 478 confirmed ransomware attacks on manufacturing companies between 2018 and July 2023, in an attempt to determine their true cost. Whereas many of the headlines...

We have come a long way in the cybersecurity sector in a relatively short period of time, but there remain many challenges in day-to-day operations that create security gaps in many organizations. One of the most common is tied to how we build our solutions, making sure they are secure out-of-the-box instead of only being evaluated during a pen test...

Most small and midsized businesses trust an IT services partner to help them secure their networks. A few years ago, high-profile cyberattacks targeting MSP vendors Kaseya and SolarWinds thrust the security risk of relying on a complex chain of vendors into the technology media and moved the Department of Homeland Security to issue a statement...

Cyber Threat Intelligence (CTI), or threat intelligence, is evidence-based knowledge established from current cyber threats, gathered from myriad sources to identify existing or potential attacks. Threat intelligence assists in identifying the motives, targets, and attack behaviors of a threat actor and implementing strong defenses from future...

Despite being the second-largest internet market in the world, India has yet to pass a comprehensive data privacy bill. It is important to have policies and regulations in place to protect them and their right to data privacy—a right that India’s Supreme Court recognized in 2017. Since then, the country’s government has been working towards passing...

The General Data Protection Regulation (GDPR) is a set of privacy and security standards put into effect by the European Union (EU). Widely accepted as the world's strictest security and privacy law, GDPR imposes regulations on organizations that target or collect data relating to people in the EU. European Parliament signed GDPR into law in 2016,...

The latest Verizon Data Breach Investigations report indicates that over 70% of data breaches involved the human element. Cybercriminals exploit people to trick them into clicking unsafe links, opening malicious attachments, entering their credentials into bogus login pages, sharing sensitive data, and authorizing fraudulent fund transfers. One...

The ransomware, malware and phishing attacks going on in the healthcare industry are quite alarming these days. The customers' data in the healthcare industry is more sensitive than in most industries, and this has proven to be a sweet spot for threat actors. Recent research by Infloblox reported that in 2022, there were over 546 major data breaches...

New rules requiring publicly-listed firms to disclose serious cybersecurity incidents within four days have been adopted by the US Securities and Exchange Commission (SEC). The tough new rules, although undoubtedly well-intentioned, are likely to leave some firms angry that they are being "micromanaged" and - it is argued - could even assist...

How many security products does it take to monitor an organization? Even a small company often finds itself working with multiple monitoring tools to gain visibility into its security posture. This creates multiple blind spots, as a security analyst needs to jump between different tools with different formats and configurations to research a...

Machine learning (ML) is a subset of Artificial Intelligence (AI), which enables machines and software to automatically learn from historical data to generate accurate output without being programmed to do so. Many leading organizations today have incorporated machine learning into their daily processes for business intelligence. But the ability of...

Large data can offer a massive affordable advantage for companies. Scientists, information analysts, marketing professionals, and advertisers rely upon receiving valuable insights from substantial pools of consumer information. When examined correctly, this information can provide valuable insight for organizations that understand how to use it. ...

Introduction For the longest time within the cybersecurity industry, we have had Chief Information Security Officers (CISOs) whose role is to set the strategic direction for Information Security within an organisation. But what are the stepping stones to becoming a CISO? In the past, this has been a difficult question to answer, but typically the...

I recently spoke at a Fortra Webinar about CIS and MITRE. More specifically, I discussed the intersection between the CIS Critical Security Controls, CIS Benchmarks, and MITRE ATT&CK. In this post, I won't go into deep details about the core background, but there are plenty of excellent references available online, including our breakdown of the...

A few years back, data was constrained to the on-premise infrastructure. Data management, governance, and protection were fairly uncomplicated in this enclosed environment. The emergence of cloud computing and multi-cloud infrastructures has not only introduced more complexity in data management and governance, but it has also increased security...

In our increasingly digital world, global communications and financial interactions are nigh inescapable for anyone in any industry or walk of life. The infrastructure in place for international transactions is complex and layered, containing moving parts that work in tandem to make things like transferring money nearly seamless. Many of those...

We're all familiar with tech support scams - where the unwary are tricked into granting remote access to their computers by fraudsters, in the belief that the "tech support person" will fix a non-existent "problem" (such as a "virus infection") or make a refund after claiming that there has been fraudulent activity detected on an account. It's not...

Human error is a major contributing factor to company data breaches. More than 340 million people may already have been affected by a data breach in the first four months of 2023. With cybercrime rates soaring around the world, it’s clearly an area where investment and expertise are required. While updating laptops with the latest antimalware...

Not too long ago, I watched an automobile commercial on television in which the manufacturer placed a huge emphasis on integrity, going on to define the lines of the automobile. I was impressed by this advertisement, so much so that I started looking at all vehicles in a new way. I would walk around the vehicle and look to ensure the spaces between...

As business operations evolve, the challenge of securely moving data within the cloud is one of elevated concern. Transferring sensitive information to it is another. Many are caught between what worked in on-prem technologies and what is needed in cloud-based architectures. Others have sidestepped the security challenges by implementing a Managed...