Resources

Guide

How Managed Services Can Help With Cybersecurity Compliance

Organizations are often overburdened with managing complex tools to handle their most important compliance responsibilities, and in many cases lack the internal headcount to manage those tools with highly-trained expertise. Managed services can solve your security staffing and resource challenges by arming your team with security expertise to maintain optimal compliance. Managed service providers...
Blog

Phishing Trends and Tactics: Q1 of 2023

In the world of cybersecurity, there are a few constants, one of the big ones being the fact that news, innovation, and threats move fast and are constantly evolving. It is important for security professionals to stay in the loop about major developments in cybercriminal activity and the cybersecurity industry. Fortra’s PhishLabs offer resources to...
Blog

5 Things Everyone Needs to Know About GRC

Over the following years, the costs associated with cybercrime, projected at $10.5 trillion annually by 2025, will exceed the estimated worldwide cybersecurity spending—$267.3 billion annually by 2026. Leadership needs to change its perspective on managing cyber risks instead of just spending more money to match the losses incurred. Cyber risk...
Blog

Tripwire Patch Priority Index for June 2023

Tripwire's June 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Progress MOVEit. First on the patch priority list this month are patches for the Progress MOVEit Transfer application. An exploit targeting the MOVEit vulnerability CVE-2023-34362 has been recently added to the Metasploit Exploit Framework. ...
Blog

The Top 10 Highest Paying Jobs in Cybersecurity – Part 1

If you’re looking for job security, look no further: The cybersecurity sector can keep you gainfully employed for a very, very long time. There are an ever-growing number of ways in which someone with cybersecurity prowess can contribute, and as digital assets continue to develop and diversify, it’s safe to say they’ll always be kept on their toes. ...
Blog

5 Cyber Survival Tips for Businesses

The past few years have been among the most challenging for most businesses. Lockdowns, staff reductions, and reduced revenues resulted in the demise of many businesses. For those who remained, the new onuses brought about by supply chain concerns and inflation present even greater reasons for maximum resilience in order to survive. With all the...
Blog

What is the FFIEC Cybersecurity Assessment Tool?

The FFIEC Cybersecurity Assessment Tool (CAT) is a diagnostic test designed to help institutions identify risks and gauge cybersecurity preparedness. The tool is primarily for financial and non-depository institutions, enabling organizations to make risk-driven security decisions informed by regular cybersecurity assessments and standardized risk...
Blog

Infosecurity Europe 2023 – that’s a wrap!

This piece was originally published on Fortra’s blog. Infosecurity Europe has closed its doors for another year. The aftermath of these events can be a strange time; still reeling from the chaos of the show floor and nursing feet unaccustomed to such intense use, it’s often difficult to make sense of everything we’ve learned. But, as the old adage goes, “when in doubt, write it out.” So, I...
Blog

What (Still) Needs to be Done to Secure the U.S. Power Grid in 2023?

It’s no secret that the U.S. power grid is one of the main foundations of the nation’s economy, infrastructure, and daily way of life. Now that almost everything is digitized, it is hinging on it even more. We wouldn’t be able to use even most vending machines (not to mention cell towers or the internet) without a working electrical supply, and the...
Blog

What is the Gramm-Leach-Bliley Act (GLBA)?

The Gramm-Leach Bliley Act (GLBA or GLB Act), or financial modernization act, is a bi-partisan federal regulation passed in 1999 to modernize the financial industry. It repealed vast swathes of the Glass-Steagall Act of 1933 and the Bank Holding Act of 1956, allowing commercial banks to offer financial services such as investments or insurance. It...
Blog

A Guide to 5 Common Twitter Scams in 2023

Elon Musk's ascension isn't the first thing to cause waves of scams on Twitter, and it certainly won't be the last. On July 20th of 2022, data belonging to over 5 million Twitter users was put up for sale on the internet underground for $30,000. The FTC reported that we've experienced a recent "gold mine for scammers" and the April bump to a 10,000...
Blog

BlackLotus bootkit patch may bring "false sense of security", warns NSA

The NSA has published a guide about how to mitigate against attacks involving the BlackLotus bootkit malware, amid fears that system administrators may not be adequately protected against the threat. The BlackLotus UEFI bootkit made a name for itself in October 2022, when it was seen being sold on cybercrime underground forums for $5,000. The news...
Blog

Insider Risk Hits Closer to Home

If you’re busy securing the perimeter, mandating strong authentication practices, and restricting software downloads, you may be missing the mark. (Just to be clear: if you are doing those things, keep it up. You’re off to a good start, and none of what follows here replaces classic and vital cybersecurity measures.) Protecting your organization...
Blog

The Real Value-Add of Red Teaming

They say character isn’t gained in a crisis; it’s displayed in one. By the time the disaster hits, the time for preparation has passed. But what if you could go through that earth-shattering event beforehand so when the time came, you’d be ready? Well, in security, you can. And it's not called cheating – it's called Red Teaming. It’s done...
Blog

2023 Zero Trust Security Report Highlights

Zero trust is a hot topic in cybersecurity, and for a good reason. There is no one-size-fits-all solution to securing your data and networks; rather, zero trust offers a more holistic perspective comprised of many different safety measures and practices and a shift in perspective on security. As threat actors step up their efforts and business...
Blog

How to Protect Against the Four Largest Cybersecurity Threats to Your Supply Chain

Digital technology is becoming an increasingly essential part of nearly every industry, and supply chains are no exception. In recent years, supply chains have become more dependent on digital solutions, from manufacturing, packing, and shipping processes, to storing records in the cloud. While digital technology increases speed, efficiency, and...
Blog

Top 5 Malware Trends on the Horizon

Cybercrime has become a dominant concern for many businesses, as well as individuals. Cybercriminals will target any business, and any individual if they can realize a profit from their minimal efforts. One of the ways that criminals achieve their goals is through the use of malware that garners a fast profit, such as ransomware. More enterprising...
Blog

The Wonderful Cybersecurity Community: Watching Past Employees Succeed

The cybersecurity community is one of the best communities around. Whether it is our peers, our colleagues, or our managers, there are a number of great qualities that we all share. That’s one of the reasons that we’re so lucky to work in this industry. One of the more interesting aspects of the industry is that there are so many ways to accomplish...
Blog

Minding Your Data Leaks: Simple Steps to Help Prevent Leaks

If you mention data leakage to most people, they may think that it sounds like a problem for a plumber, but the phrase “data leak” has specific and troubling concerns for a business. Data leakage is a particular security threat, and there are many sources for data leaks. Data Breach Versus Data Leak Data breaches occur when an attacker from...