October 1, 2024 at 02:04PM CISOs face challenges in hiring and retaining cybersecurity talent due to limited budgets and skills shortages. Despite boards’ decent understanding of cyber risks, there is a gap in knowledge of mitigation strategies. To address this, CISOs can use AI to ease the burden on teams and engage boards with correlated … Read more
September 25, 2024 at 08:40AM Virtualization technology has revolutionized server-based computing over the past 20 years, optimizing resources and enhancing availability. However, the rise in high-profile attacks on hypervisors poses a significant threat to virtualized tier-one applications. Organizations are urged to consider migrating tier-one applications to physical hardware, the cloud, or SaaS solutions to minimize … Read more
September 17, 2024 at 09:15AM Element Security, an Israeli startup founded in 2021 by Daniel Lublin and Omer Cohen, has raised $5 million in funding. The company has launched a cloud-based Continuous Threat Exposure Management (CTEM) platform and attracted global companies in finance, aviation, and automotive sectors. Element’s platform aims to identify and mitigate risks … Read more
August 28, 2024 at 10:47AM Hitachi Energy advises immediate upgrade to the latest version of MicroSCADA X SYS600 to address multiple critical and high-severity vulnerabilities in the product. The vulnerabilities pose confidentiality, integrity, and availability risks, impacting over 10,000 substations and various industries. Hitachi Energy is not aware of any current exploitation, but urges prompt … Read more
July 17, 2024 at 04:40PM The press release highlights the growing trend of organizations adopting Zero Trust architectures in response to evolving cybersecurity threats. It emphasizes the challenges and common mistakes organizations face when implementing these strategies, such as overlooking organizational culture, underestimating human risk, neglecting the supply chain, failing to plan for sustainable success, … Read more
July 17, 2024 at 12:08PM Enterprise security teams are increasingly addressing the risks associated with the use of AI-enabled applications. An analysis by Netskope found that organizations are implementing controls such as blocking policies and data loss prevention tools to protect against the sending of sensitive data to AI apps. The focus is now shifting … Read more
July 17, 2024 at 07:18AM The text outlines the threat posed by accidental insiders in cybersecurity. It discusses how employees, through lack of awareness or pressure to perform, can compromise security. The text highlights the potential consequences of such breaches and proposes proactive measures to mitigate the risk, emphasizing the importance of training, organizational controls, … Read more
July 11, 2024 at 03:13PM The text discusses the concept of “security theater,” where companies prioritize the appearance of security over actual risk mitigation. It outlines the various actors involved in creating this illusion and warns about the legal and financial consequences. The importance of true security, evolving with technology and enforcing a growth mindset, … Read more
July 9, 2024 at 10:03AM The cyberattack on Ivanti’s asset management software has prompted action from CISA and raises questions about exploit techniques, breach response, and downtime costs. Attackers bypassed authentication and gained unauthorized access, prompting CISA to intervene and take Ivanti’s systems offline. The incident emphasizes the importance of robust cybersecurity measures and proactive … Read more
June 24, 2024 at 03:02PM Application security programs are often challenging, with overloaded staff and communication issues. Despite these hurdles, a team successfully resolved 70,000 out of 80,000 security vulnerabilities in three months. Citizen developers are pervasive in enterprises, creating unique security challenges. A successful AppSec program for citizen developers requires automation, self-service, and adherence … Read more