Security is more important than ever. Cybersecurity has been a problem from the start of IT and it will be till the end. It all started with endpoint and network security, but today, we are also facing with cloudsecurity and managing employees to incorporate good security practices.
All these new technologies that help us innovate also helps cybercriminals and state sponsored hackers to get new tools they can use to get access to our systems, and in a worst case scenario, access to our most valuable data and business secrets. Also, with new legislation in place like GDPR, you need to make sure everything is secure, otherwise you just don’t lose your reputation, but you can also be fined by the government. Protecting IT-environments is more important than ever.
Your first line of defense is usually endpoint protection. The devices your employees work with need to be protected against ransomware and other malware which can bring lots and lots of trouble. This nowadays the most basic form of protection and many of the bigger vendors and suites can help you achieve this.
Network security is a bit more advanced, where you can manage which traffic goes across your network. You can also connect different networks together with e.g. SD-WAN. So, you can run protection software and share data between multiple locations. The trend we see in network protection on the datacenter side is to lock down the traffic by only allowing known, benevolent traffic sources. Regarding office networking, we see new initiatives like ZScaler coming up, where you tunnel all your staff over the network of ZScaler so they can analyse the traffic and block patterns that they marked as malicious. Especially for companies with employees that travel a lot, this is a smart solution.
Many thought that bringing workloads to the cloud would reduce their responsibility of doing security. It is now clear that this is not the case. Most cloud vendors practice the “shared responsibility” approach. This means that big hyperscalers can offer a first line of defense against well known threats and port scanners. For the more sophisticated attacks that are directly pointed at your servers, you need to have your protection in place.
The Python repository felt compelled to intervene after packages were uploaded that executed malicious code on devices. It was also temporarily unable to create new projects. PyPi has since returned to normal operation. However, it was not possible to register and create projects for 10 hours. G... Read more
22 days ago
For seven months, attackers had free reign to wreak havoc inside the AI infrastructure of major tech companies. An exploitation of vulnerability CVE-2023-48022 in the widely used open-source Ray framework has led to manipulated models, stolen hardware cycles and compromised data. Its developer Anys... Read more
22 days ago
With the CyberArk Secure Browser, companies can build additional security and privacy safeguards into employee browser sessions. CyberArk has experience in privileged access management. This allows employees' and partners' access rights to applications to be controlled so that only authorized us... Read more
23 days ago
Companies that have outsourced SOC operations through FortiGuard SOCaaS can now integrate Fortinet solutions (local or cloud-based) through the Security Fabric. This further streamlines mitigation processes for network environments. Users of the managed FortiGuard SOCaaS service can now integrat... Read more
23 days ago
CrowdStrike and Rubrik have announced a strategic partnership. Customers can now combine CrowdStrike's XDR platform with Rubrik Security Cloud, allowing security teams to better protect sensitive data. Both parties state that IT environments today are highly complex, requiring defenses against c... Read more
24 days ago
Figures from Google show that last year there were 97 actively exploited zero-day vulnerabilities. In 2022, the number was still 62 vulnerabilities. With this, the upward trend has returned. A year ago, the figures still showed a positive trend downward. According to Google data, the year 2021 m... Read more
24 days ago
Most companies globally are still not fully maturely prepared for cyber incidents. That's according to research by Cisco. Companies are still major targets of cyber attacks, such as phishing, ransomware, supply chain and social engineering attacks. Nearly three-quarters of companies expect to be... Read more
24 days ago
The increasing complexity of IT environments is leading to more hidden cyber threats. The risk of cyberattacks and data breaches through the software supply chain is hard to ward off, according to research by JFrog. To point out how cluttered corporate IT infrastructures can be today, JFrog cite... Read more
24 days ago
Expert talks
Regulations are constantly evolving, becoming more punitive with larger fines and penalties every year. As a result, there is a collective industry movement towards the continuous improvement of cybersecurity in business and their ecosystem. This includes understanding what policies and processes m... Read more
25 days ago
The FBI and the U.S. Cybersecurity and Infrastructure Agency (CISA) argue that SQL injections should be a thing of the past. Despite developers' knowledge for two decades of how to prevent this type of attack, it continues to cause widespread exploits. SQL injections insert malicious code into S... Read more
25 days ago
