Blog

Blog

How MSSPs Help with Cybersecurity Compliance

While always a part of business, compliance demands have skyrocketed as the digital world gives us so many more ways to go awry. We all remember the Enron scandal that precipitated the Sarbanes-Oxley Act (SOX). Now, SOX compliance means being above board on a number of cybersecurity requirements as well. Fortra's Tripwire recently released a new...
Blog

What is NERC? Everything you need to know

What is NERC?NERC stands for North American Electric Reliability Corporation. It is the organization behind ensuring the security and reliability of electric grids, and the NERC Critical Infrastructure Protection (CIP) reliability standard is the tool that provides responsible entities with the processes to achieve a crucial mandate: secure the...
Blog

Key Takeaways from the 2023 Domain Impersonation Report

One of the most pervasive and unavoidable threats on the internet, domain impersonation can be used by bad actors as the basis for a wide range of attacks. The various ways in which cybercriminals make use of lookalike domains often fluctuate, and the first half of 2023 has exemplified this fact. Staying on top of security and not falling victim to...
Blog

ICS Environments and Patch Management: What to Do If You Can’t Patch

The evolution of the cyber threat landscape highlights the need for organizations to strengthen their ability to identify, analyze, and evaluate cyber risks before they evolve into security incidents. Known unpatched vulnerabilities are often exploited by criminals to penetrate Industrial Control Systems (ICS) environments and disrupt critical...
Blog

Fighting AI Cybercrime with AI Security

On August 10th, the Pentagon introduced "Task Force Lima," a dedicated team working to bring Artificial Intelligence (AI) into the core of the U.S. defense system. The goal is to use AI to improve business operations, healthcare, military readiness, policy-making, and warfare. Earlier in August, the White House announced a large cash prize for...
Blog

ZeroFont trick makes users think that message has been scanned for threats

It's nothing new for cybercriminals to use sneaky HTML tricks in their attempt to infect computers or dupe unsuspecting recipients into clicking on phishing links. Spammers have been using a wide variety of tricks for years in an attempt to get their marketing messages past anti-spam filters and in front of human eyeballs. It's enough to make you...
Blog

What Does Secure by Design Actually Mean?

In this era shaped by digital innovation, the concept of Secure by Design is a critical safeguard against cyber threats. Read on to delve into the essence of Secure by Design and its profound relevance in today's technology landscape. As cyberattacks grow more sophisticated, comprehending the proactive principles behind secure design is paramount to...
Blog

The Cost of Cybercrime in the US: Facts and Figures

The importance of cybersecurity is no secret in our increasingly digital world. Even individuals who have no experience or expertise in tech or related fields are aware of the threat of hacking, phishing, and the like. It can be difficult, however, to actually quantify the risks of being targeted by these attacks. Keeping track of the trends in...
Blog

Closing Integrity Gaps with NIST CSF

The then-new 2014 NIST Cybersecurity Framework (CSF) was designed to plug security gaps in operational technology. It’s still in use today and more relevant than ever. Fortra’s whitepaper provides a cohesive review of this security staple and how to glean the best out of it for your strategy. A Brief History of NIST CSF “The full maximum NIST...
Blog

Visibility: An Essential Component of Industrial Cyber Security

In July 2021, the White House established a voluntary initiative for industrial control systems (ICS) to promote cooperation between the critical infrastructure community and the federal government. The fundamental purpose of the initiative was “to defend the nation’s critical infrastructure community by encouraging and facilitating the deployment of...
Blog

Best 10 Cybersecurity Podcasts

The cybersecurity industry is one in which staying in the loop on recent developments is incredibly important. Because technologies, industry conditions, and the threat landscape all change so frequently, it can be difficult to remain up to date on news, standard practices, and significant threats. Written articles can be of great help in this...
Blog

Defending against DDoS Attacks: What you need to know

Patience is one of those time-dependent, and often situational circumstances we experience. Few things define relativity better than patience. Think of the impatience of people who have to wait ten minutes in a line at a gas station, yet the thought of waiting ten minutes for a perfectly brewed cup of coffee seems entirely reasonable. It can’t be...
Blog

8 of the Best Cybersecurity Conferences

In the rapidly evolving realm of digital security, staying ahead of cyber threats requires continuous learning and collaboration. Cybersecurity conferences stand as beacons of knowledge, drawing experts and enthusiasts from across the globe. We’ve curated a list of the top eight cybersecurity conferences, each a melting pot of insights, innovations...
Blog

Snatch ransomware - what you need to know

What's happened? The FBI and US Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint advisory warning organisations about a ransomware-as-a-service operation called "Snatch." Snatch? As in the movie from twenty odd years ago? I'm not sure I've heard of Snatch before... Maybe you haven't. They don't have as high a profile as...
Blog

FBI's Most Wanted Cybercriminals in 2023

In an increasingly digitized world, the threat of cybercrime looms larger than ever. The FBI's relentless pursuit of cybercriminals remains a critical defense against this growing menace. We’re well into 2023, and the FBI's Most Wanted Cybercriminals list takes center stage, highlighting the individuals who pose significant threats to our digital...
Blog

Increasing Your Business’ Cyber Maturity with Fortra

When building a tower, it helps to start with a sturdy foundation. Cyber maturity is the tower, and there are three levels that build it: Foundational IT/OT & Security Control Processes Fundamental Security Control Capabilities Advanced Security Control Capabilities Fortra occupies a unique space in the industry because of the sheer size of...
Blog

General Data Protection Regulation (GDPR) – The Story So Far

Do you remember where you were on 25th May 2018? Perhaps you were enjoying a Friday night drink with friends. Perhaps you were with family, relaxing after a busy week at work. I was actually having a GDPR Birthday party with friends and colleagues because 25th May 2018 was a landmark day for the world of Data Protection (yes, seriously, we had a...
Blog

The Consequences of Non-Compliance in Cybersecurity: Risks and Penalties

Non-compliance in cybersecurity marks a grave oversight. It involves neglecting established security protocols, leaving organizations vulnerable to malicious actors. Read on as we examine the potential risks of non-compliance, including heightened susceptibility to cyberattacks, the specter of data breaches, and the erosion of a company's hard...