Category: Security Intelligence

3 Strategies to overcome data security challenges in 2024

There are over 17 billion internet-connected devices in the world — and experts expect that number will surge to almost 30 billion by 2030. This rapidly growing digital ecosystem makes it increasingly challenging to protect people’s privacy. Attackers only need…

ICS CERT predictions for 2024: What you need to know

As we work through the first quarter of 2024, various sectors are continuously adapting to increasingly complex cybersecurity threats. Sectors like healthcare, finance, energy and transportation are all regularly widening their digital infrastructure, resulting in larger attack surfaces and greater…

How I got started: Ransomware negotiator

Specialized roles in cybersecurity are proliferating, which isn’t surprising given the evolving threat landscape and the devastating impact of ransomware on many businesses. Among these roles, ransomware negotiators are becoming more and more crucial. These negotiators operate on the front…

How AI can be hacked with prompt injection: NIST report

The National Institute of Standards and Technology (NIST) closely observes the AI lifecycle, and for good reason. As AI proliferates, so does the discovery and exploitation of AI cybersecurity vulnerabilities. Prompt injection is one such vulnerability that specifically attacks generative…

From federation to fabric: IAM’s evolution

In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in…

The compelling need for cloud-native data protection

Cloud environments were frequent targets for cyber attackers in 2023. Eighty-two percent of breaches that involved data stored in the cloud were in public, private or multi-cloud environments. Attackers gained the most access to multi-cloud environments, with 39% of breaches…

How I got started: Cyber AI/ML engineer

As generative AI goes mainstream, it highlights the increasing demand for AI cybersecurity professionals like Maria Pospelova. Pospelova is currently a senior data scientist, and data science team lead at OpenText Cybersecurity. She also worked at Interest, an AI cybersecurity…

Data residency: What is it and why it is important?

Data residency is a hot topic, especially for cloud data. The reason is multi-faceted, but the focus has been driven by the General Data Protection Regulation (GDPR), which governs information privacy in the European Union and the European Economic Area.…

Back to basics: Better security in the AI era

The rise of artificial intelligence (AI), large language models (LLM) and IoT solutions has created a new security landscape. From generative AI tools that can be taught to create malicious code to the exploitation of connected devices as a way…

Third-party breaches hit 90% of top global energy companies

A new report from SecurityScorecard reveals a startling trend among the world’s top energy companies, with 90% suffering from data breaches through third parties over the last year. This statistic is particularly concerning given the crucial function these companies serve…

Mapping attacks on generative AI to business impact

In recent months, we’ve seen government and business leaders put an increased focus on securing AI models. If generative AI is the next big platform to transform the services and functions on which society as a whole depends, ensuring that…

Ermac malware: The other side of the code

When the Cerberus code was leaked in late 2020, IBM Trusteer researchers projected that a new Cerberus mutation was just a matter of time. Multiple actors used the leaked Cerberus code but without significant changes to the malware. However, the…

PixPirate: The Brazilian financial malware you can’t see

Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that…

DORA and your quantum-safe cryptography migration

Quantum computing is a new paradigm with the potential to tackle problems that classical computers cannot solve today. Unfortunately, this also introduces threats to the digital economy and particularly the financial sector. The Digital Operational Resilience Act (DORA) is a…

Beware of rogue chatbot hacking incidents

For years, chatbots have been a useful tool to help automate customer-facing applications. But what happens if the chatbot goes rogue? Recent reports have revealed that this may have happened to the Comcast / Xfinity chatbot. First, there were incidents…

Boardroom cyber expertise comes under scrutiny

Why are companies concerned about cybersecurity? Some of the main drivers are data protection, compliance, risk management and ensuring business continuity. None of these are minor issues. Then why do board members frequently keep their distance when it comes to…

The CISO’s guide to accelerating quantum-safe readiness

Quantum computing presents both opportunities and challenges for the modern enterprise. While quantum computers are expected to help solve some of the world’s most complex problems, they also pose a risk to traditional cryptographic systems, particularly public-key encryption. To ensure…

Cybersecurity trends: IBM’s predictions for 2024

From world events to the economy, 2023 was an unpredictable year. Cybersecurity didn’t stray far from this theme, delivering some unexpected twists. As organizations begin planning their security strategies for 2024, now is the time to look back on the…

IT and OT cybersecurity: A holistic approach

In the realm of cybersecurity, both information technology (IT) and operational technology (OT) present distinct challenges that organizations must navigate. Ensuring the security of these distinct domains is paramount to bolstering your overall cyber resilience. By following the best practices…

What the cybersecurity workforce can expect in 2024

For cybersecurity professionals, 2023 was a mixed bag of opportunities and concerns. The good news is that the number of people in cybersecurity jobs has reached its highest number ever: 5.5 million, according to the 2023 ISC2 Global Workforce Study.…

Accelerating security outcomes with a cloud-native SIEM

As organizations modernize their IT infrastructure and increase adoption of cloud services, security teams face new challenges in terms of staffing, budgets and technologies. To keep pace, security programs must evolve to secure modern IT environments against fast-evolving threats with…

Best practices for cloud configuration security

Cloud computing has become an integral part of IT infrastructure for businesses of all sizes, providing on-demand access to a wide range of services and resources. The evolution of cloud computing has been driven by the need for more efficient,…

What cybersecurity pros can learn from first responders

Though they may initially seem very different, there are some compelling similarities between cybersecurity professionals and traditional first responders like police and EMTs. After all, in a world where a cyberattack on critical infrastructure could cause untold damage and harm,…

Unified endpoint management for purpose-based devices

As purpose-built devices become increasingly common, the challenges associated with their unique management and security needs are becoming clear. What are purpose-built devices? Most fall under the category of rugged IoT devices typically used outside of an office environment and…

Pentesting vs. Pentesting as a Service: Which is better?

In today’s quickly evolving cybersecurity landscape, organizations constantly seek the most effective ways to secure their digital assets. Penetration testing (pentesting) has emerged as a leading solution for identifying potential system vulnerabilities while closing security gaps that can lead to…

The evolution of ransomware: Lessons for the future

Ransomware has been part of the cyber crime ecosystem since the late 1980s and remains a major threat in the cyber landscape today. Evolving ransomware attacks are becoming increasingly more sophisticated as threat actors leverage vulnerabilities, social engineering and insider…

Data security tools make data loss prevention more efficient

As businesses navigate the complexities of modern-day cybersecurity initiatives, data loss prevention (DLP) software is the frontline defense against potential data breaches and exfiltration. DLP solutions allow organizations to detect, react to and prevent data leakage or misuse of sensitive…

NIST’s security transformation: How to keep up

One thing that came out of the pandemic years was a stronger push toward an organization-wide digital transformation. Working remotely forced companies to integrate digital technologies, ranging from cloud computing services to AI/ML, across business operations to allow workers to…

What is data security posture management?

Do you know where all your organization’s data resides across your hybrid cloud environment? Is it appropriately protected? How sure are you? 30%? 50%? It may not be enough. The Cost of a Data Breach Report 2023 revealed that 82%…

Could a threat actor socially engineer ChatGPT?

As the one-year anniversary of ChatGPT approaches, cybersecurity analysts are still exploring their options. One primary goal is to understand how generative AI can help solve security problems while also looking out for ways threat actors can use the technology.…

Virtual credit card fraud: An old scam reinvented

In today’s rapidly evolving financial landscape, as banks continue to broaden their range of services and embrace innovative technologies, they find themselves at the forefront of a dual-edged sword. While these advancements promise greater convenience and accessibility for customers, they…

The evolution of 20 years of cybersecurity awareness

Since 2004, the White House and Congress have designated October National Cybersecurity Awareness Month. This year marks the 20th anniversary of this effort to raise awareness about the importance of cybersecurity and online safety. How have cybersecurity and malware evolved…

Understanding Saudi Arabia’s personal data protection law

You may be familiar with data protection laws like HIPAA, GDPR and CCPA. But did you know that other foreign countries are also introducing comprehensive regulations? To address escalating data protection challenges, the Personal Data Protection Law (PDPL) was implemented…

Cyber experts applaud the new White House cybersecurity plan

First, there was a strategy. Now, there’s a plan. The Biden Administration recently released its plan for implementing the highly anticipated national cybersecurity strategy published in March. The new National Cybersecurity Strategy Implementation Plan (NCSIP) lays out specific deadlines and…

How I got started: Attack surface management

As the threat landscape multiplies in sophistication and complexity, new roles in cybersecurity are presenting themselves more frequently than ever before. For example, attack surface management. These cybersecurity professionals are responsible for identifying, mapping and securing all external digital assets…

10 years in review: Cost of a Data Breach

Today, the pace of world change astounds us, and cybersecurity reflects that, unlike any other industry. The data from the last decade tells us an amazing — and sometimes troubling — story. In 2014, the average cost of a data…

What to know about new generative AI tools for criminals

Large language model (LLM)-based generative AI chatbots like OpenAI’s ChatGPT took the world by storm this year. ChatGPT became mainstream by making the power of artificial intelligence accessible to millions. The move inspired other companies (which had been working on…

Vulnerability resolution enhanced by integrations

Why speed is of the essence in today’s cybersecurity landscape? How are you quickly achieving vulnerability resolution? Identifying vulnerabilities should be part of the daily process within an organization. It’s an important piece of maintaining an organization’s security posture. However,…

How I got started: SIEM engineer

As careers in cybersecurity become increasingly more specialized, Security Information and Event Management (SIEM) engineers are playing a more prominent role. These professionals are like forensic specialists but are also on the front lines protecting sensitive information from the relentless…

Cost of a data breach 2023: Geographical breakdowns

Data breaches can occur anywhere in the world, but they are historically more common in specific countries. Typically, countries with high internet usage and digital services are more prone to data breaches. To that end, IBM’s Cost of a Data…

The Growing Risks of Shadow IT and SaaS Sprawl

In today’s fast-paced digital landscape, there is no shortage of apps and Software-as-a-Service (SaaS) solutions tailored to meet the diverse needs of businesses across different industries. This incredible array of options has revolutionized how we work, providing cost-effective and user-friendly…

Are you ready to build your organization’s digital trust?

As organizations continue their digital transformation journey, they need to be able to trust that their digital assets are secure. That’s not easy in today’s environment, as the numbers and sophistication of cyberattacks increase and organizations face challenges from remote…

Why keep Cybercom and the NSA’s dual-hat arrangement?

The dual-hat arrangement, where one person leads both the National Security Agency (NSA) and U.S. Cyber Command (Cybercom), has been in place since Cybercom’s creation in 2010. What was once touted as temporary 13 years ago now seems established. Will…

Why consumer drones represent a special cybersecurity risk

Cybersecurity staff at an East Coast financial services company last summer detected unusual activity on its internal Atlassian Confluence page originating inside the company’s network. The MAC address used locally belonged to an employee known to be currently using the…

Machine learning operations can revolutionize cybersecurity

Machine learning operations (MLOps) refers to the practices and tools employed to streamline the deployment, management and monitoring of machine learning models in production environments. While MLOps is commonly associated with data science and machine learning workflows, its integration with…

Zero-day attacks are on the rise. Can patches keep up?

That latest cyberattack threatening your organization is likely coming from outside the corporate network. According to Mandiant’s M-Trends 2023 report, 63% of breaches came from an outside entity — a considerable rise from 47% the year before. When it comes…

Lessons learned from the Microsoft Cloud breach

In early July, the news broke that threat actors in China used a Microsoft security flaw to execute highly targeted and sophisticated espionage against dozens of entities. Victims included the U.S. Commerce Secretary, several U.S. State Department officials and other…

Remote access detection in 2023: Unmasking invisible fraud

In the ever-evolving fraud landscape, fraudsters have shifted their tactics from using third-party devices to on-device fraud. Now, users face the rising threat of fraud involving remote access tools (RATs), while banks and fraud detection vendors struggle with new challenges…

SIEM and SOAR in 2023: Key trends and new changes

Security information and event management (SIEM) systems remain a key component of security operations centers (SOCs). Security orchestration, automation, and response (SOAR) frameworks, meanwhile, have emerged to fill the gap in these capabilities left by many SIEM systems. But as…

The future of SIEM: Embracing predictive analytics

Security information and event management (SIEM) is a crucial tool that offers real-time monitoring and analysis of security-related events as well as tracking and logging of security data for compliance or auditing purposes. SIEM plays an important role in identifying…

The link between home, family and company security

It’s no surprise that cyber criminals target high-profile individuals or those with access privilege. Malicious actors often use social engineering and whale phishing attacks against these people to breach systems. But households and family members of company executives may also…

Threat hunting 101: How to outthink attackers

Threat hunting involves looking for threats and adversaries in an organization’s digital infrastructure that existing security tools don’t detect. It is proactively looking for threats in the environment by assuming that the adversary is in the process of compromising the…

How to prevent and prepare for a cyber catastrophe

Ransomware and data leaks are inconvenient and costly. But what about a cyber incident that leads to mass casualties?  The notion of “black swan” events — incidents that are so rare and unusual they cannot be predicted —  is a…

The evolution of security analyst experience

Cloud computing and IT modernization have created a more complex threat landscape, and security analysts are struggling to keep up. Security operations centers (SOC) are in need of an upgrade. The proliferation of cloud and hybrid environments simply creates more…