Software supply chain attacks are not new, but as we’ve seen recently, if executed successfully they can have huge payoffs for sophisticated attackers. Detecting malicious code inserted into a trusted vendor’s security updates is extremely difficult to do at scale, and for most organizations, impractical given the time required to…
Read MoreThe phrase ‘future-proof’ is seductive. We want to believe technology prepares us for the future. But with threat actors and developers in an arms race to breach and protect, cybersecurity risk — and cybersecurity risk management — are always changing. As a recent report by World Economic Forum shows, businesses…
Read MoreThree years after I left my former job, I got an official letter telling me the organization suffered a data breach. My personal information was at risk of identity theft. I shouldn’t have been surprised. That job’s offboarding process hadn’t been the best. For years after leaving, I had access…
Read MoreWhen it comes to giving cyber security experts the tools they need to take action, automation and machine learning (ML) can make a big difference. Many companies are working with high volumes of data, and types and variants of attack are always growing and changing. It can become too much…
Read More