CYBER THIS WEEK – OCT 1, 2023
4 ways MDM solutions can help IT stay ahead of regulatory compliance
At its core, MDM has been first and foremost thought of as a management tool, enabling IT departments to remotely administer device configuration, enforce corporate policies, and ensure data security. However, many forward-thinking IT leaders have come to appreciate that what makes MDM an effective security bulwark can likewise serve as a vehicle to streamline endpoint compliance.
4 ways MDM solutions can help IT stay ahead of regulatory compliance | Security Magazine
Sophisticated Ransomware Calls for Sophisticated Protection and Recovery
Protection from ransomware is an arm’s race. While it’s impossible to prevent all current and future threats, there are ways organizations can bolster their protection now. The most critical step is ensuring organizations can recover their data from ransomware attacks.
Sophisticated Ransomware Calls for Sophisticated Protection and Recovery – CPO Magazine
Web app, API attacks surge as cybercriminals target financial services
The financial services sector was the third most targeted by web app and API attacks during Akamai’s reporting period, largely due to the industry’s continued digitalization and the rate at which adversaries are exploiting vulnerabilities in attacks
Web app, API attacks surge as cybercriminals target financial services | CSO Online
The Growing Risks of Shadow IT and SaaS Sprawl
To counter the threats posed by shadow IT and SaaS sprawl, businesses must implement policies that provide better oversight of third-party applications while enforcing strict security measures within their organization.
The Growing Risks of Shadow IT and SaaS Sprawl (securityintelligence.com)
Threat Data Feeds and Threat Intelligence Are Not the Same Thing
In cybersecurity, “threat data feeds” and “threat intelligence” are often used interchangeably. They are, however, quite different. To make matters worse, the term “threat intelligence” has been co-opted and watered down by vendors, making it even more difficult to define the difference between threat data feeds and threat intelligence.
Threat Data Feeds and Threat Intelligence Are Not the Same Thing (darkreading.com)
The changing face of cybersecurity threats in 2023
Using the “same old” low-skill tactics, common tools, and a bit of social engineering, hackers can get around complex security policies such as multi-factor authentication (MFA) and identity and access management (IAM) systems. Let’s revisit the most prevalent security threats and see how they’re evolving in 2023.
The changing face of cybersecurity threats in 2023 | CIO
Why Trust Is Key In Cybersecurity: Analyzing The MOVEit Ransomware Attacks
In today’s interconnected digital landscape, the effectiveness of cybersecurity extends far beyond a company’s own attack surface. The recent MOVEit incidents serve as a vivid reminder that cybersecurity is intertwined with a vast ecosystem of partners and vendors.
Trust Is Key In Cybersecurity: Analyzing The MOVEit Ransomware Attacks (forbes.com)
A Guide to Zero-Day Vulnerabilities and Exploits for the Uninitiated
A zero-day (also known as a 0-day) vulnerability is a software issue unknown to the software vendor which an attacker can leverage to gain unauthorized access to a network, move laterally within it, steal data or compromise part of the system.
Which Types of Data Breaches Warrant Greater Punishment?
As cybersecurity risks increase and as our concepts of data evolve, firm cultures and firm practices must also evolve. Selecting vendors who handle or assist you in transmitting your firm data based on which ones send you the best cookies is no longer reasonable. You should adopt vendor policies requiring lawyers and staff in your firm to use third party vendors that have undergone rigorous security assessments and adopted practices and policies to appropriately safeguard client data.
Which Types of Data Breaches Warrant Greater Punishment? | Calloquy, PBC – JDSupra
Businesses disconnected from realities of API security
APIs are indispensable in today’s modern environment, but everyone is worried about ransomware, phishing attacks and data breaches. This research validates why security leaders must continue to prioritise API security
Businesses disconnected from realities of API security | Computer Weekly