January 3, 2024 at 11:45PM The increasing complexity of cybersecurity and compliance has made it difficult for smaller businesses without a Chief Information Security Officer (CISO). As a solution, many are turning to virtual CISOs (vCISOs), who offer part-time outsourced security expertise to help fill the gap. This model is particularly beneficial for smaller businesses … Read more
December 27, 2023 at 10:05AM The relationship between cyber-insurance providers and policyholders is strained due to the complex underwriting process and rising premiums. Cyber insurance is still in its early stages, experiencing growing pains. To establish a partnership, both parties need to focus on risk reduction and share electronic metrics for accurate policy pricing. Trust … Read more
December 14, 2023 at 05:57PM The text discusses the challenges in securing today’s attack surface and the need for modern Attack Surface Management (ASM) solutions in SecOps. It emphasizes the importance of robust ASM solutions that provide rapid discovery, real-time risk assessment, proactive risk remediation, and an integrated platform approach. The Trend Vision One platform … Read more
December 12, 2023 at 02:44PM Security vulnerabilities in Google Cloud’s “Dataproc” service could allow hackers to access sensitive data and execute unauthorized operations due to default open firewall ports without authentication. Despite researchers’ efforts, Google has not addressed the issue. They recommend proper network segmentation and vulnerability management to mitigate the risk until a fix … Read more
November 29, 2023 at 06:12PM XM Cyber has launched new features for managing exposure risks in Kubernetes environments, offering real-time insights into vulnerabilities for security teams. This enhances protection across hybrid clouds by integrating into XM Cyber’s Attack Graph Analysis. It provides complete visibility, prioritizes fixes, and supports quick deployment. The tools address a significant … Read more
November 8, 2023 at 01:04PM Zero Trust is a strategy for safeguarding against cyber risk, but implementing it can be complex. To successfully implement Zero Trust, organizations should consider factors like visibility and analytics, automation and orchestration, central management, analyst experience, and pricing flexibility and transparency. Trend Vision One is a platform that excels in … Read more
October 30, 2023 at 02:50PM Canada has banned the use of the popular messaging app WeChat and Russian platform Kaspersky on government smartphones due to privacy and security risks. The decision was made to protect government networks and data, and aligns with the actions of international partners. This move follows the banning of TikTok on … Read more
October 24, 2023 at 05:02PM Corvus Insurance has released their Q3 2023 Global Ransomware Report, showing that ransomware attacks are increasing at a record-breaking pace. The report reveals that global ransomware attack frequency has increased by 11% compared to Q2 and 95% year-over-year. The CL0P ransomware group has played a significant role in this spike, … Read more
October 16, 2023 at 10:52PM Phishing attacks have been on the rise, with a 29% increase in detections reported by Trend Micro for 2022. These attacks are becoming more sophisticated, including tactics like spear phishing, whaling, and QR code phishing. Organizations need to implement a layered approach to email security, including capabilities like email gateway … Read more
October 12, 2023 at 06:10PM DigiCert has announced the next generation of its Trust Lifecycle Manager called Discovery. This enables customers to create a centralized record of cryptographic keys and certificates, improving security and reducing the time needed for updates and threat remediation. The integration with services like Qualys and AWS Private CA allows for … Read more