NIST’s security flaw database still backlogged with 17K+ unprocessed bugs. Not great

October 2, 2024 at 08:36AM NIST’s progress in addressing its backlog of security vulnerabilities fell short of its goal, with 18,358 CVEs still awaiting analysis as of September 21. Despite improvements, the enrichment process remains behind schedule, impacting organizations relying on NVD data. NIST’s efforts to expedite processing and clear the backlog continue, affecting cybersecurity … Read more

The Current Cybersecurity Landscape: New Threats, Same Security Mistakes

September 17, 2024 at 10:10AM Today’s cybersecurity landscape demands resilience amid economic turbulence and increasing cyber threats. Embracing generative artificial intelligence (GenAI) poses new risks if not properly implemented, especially as the pace of technology adoption outstrips security measures. The “2024 Thales Data Threat Report” highlights the pressing need for proactive cybersecurity and identifies three … Read more

Protecting Critical Infrastructure Means Getting Back to Basics

January 8, 2024 at 10:02AM Critical infrastructure organizations are both more efficient and more vulnerable due to dramatic changes in technology and cybersecurity landscapes. The integration of IoT, smart devices, and OT with IT operations onto cloud platforms streamlines operations but also increases susceptibility to cyberattacks. Rigorous asset management, simulations, and response readiness are crucial … Read more

Refocusing on Cybersecurity Essentials in 2024: A Critical Review

December 27, 2023 at 09:24AM In 2023, ransomware attacks and zero-day vulnerabilities in supply chains were the leading cyber threats, prompting the need for organizations to reassess their cybersecurity strategies. Despite increased spending in 2024, concerns about the effectiveness of security investments persist. To enhance security posture, organizations should prioritize data integrity, identity management, and … Read more