Here’s an overview of some of last week’s most interesting news and articles:
March 2021 Patch Tuesday: Microsoft fixes yet another actively exploited IE zero-day
As system administrators and security teams around the world worked on ascertaining whether they’ve been breached and compromised via vulnerable Microsoft Exchange Server installations, Microsoft has fixed additional CVEs, including an Internet Explorer memory corruption flaw that’s being exploited in the wild and one Windows Win32k EoP flaw that is publicly known.
How do I select a SOAR solution for my business?
To select a suitable SOAR solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.
Getting your application security program off the ground
The application layer is quickly becoming more exposed to the outside world, drastically increasing the attack surface.
Keeping your serverless architecture secure
Serverless architecture empowers organizations to build and deploy software at scale without in-house servers. The prevalence of Function-as-a-Service (FaaS) models like microservices is a testament to the popularity of serverless architectures.
2021 Hacker Report: Hackers are not just driven by money
38% of hackers spent more time hacking since the COVID-19 pandemic started.
Two new ways backup can protect enterprise SaaS data
Software-as-a-Service (SaaS) apps are a treasure trove of information. They’re where business takes place and decisions get made, so it’s not surprising that they’re attractive targets for bad actors.
49% of female cybersecurity pros say the pandemic had a positive impact on their career
According to a new global report from Tessian, 94% of security teams hired new staff members in 2020 to support their teams, with IT, finance and healthcare industries making the most hires.
Number of ransomware attacks grew by more than 150%
By the end of 2020, the ransomware market, fueled by the pandemic turbulence, had turned into the biggest cybercrime money artery.
Compromised devices and data protection: Be prepared or else
The January 6 riot and storming of the U.S. Capitol serves as a reminder that any of our devices can be lost or stolen instantly and absolutely unexpectedly, and that the only way to protect data is through the security processes that were previously put in place.
Passing a compliance audit in the cloud doesn’t have to be hard
Audits can be frustrating for companies that use cloud services and rely on the provider to ensure all of the actions necessary to comply.
How to mitigate security risks as cloud services adoption spikes
Let’s explore some of the key challenges facing organizations, look at how hardware innovations are impacting this space, and review some key tips to consider.
Starting your cybersecurity career path: What you need to know to be successful
Now is the time for individuals who have been considering taking the leap into the industry to act.
Trends that will influence remote work in 2021 and beyond
Businesses are thriving in remote environments, with 83% of company leaders reporting the shift to remote work has been successful for their organization.
Alert overload still plagues cybersecurity industry
Reseachers surveyed 100 SOC professionals across enterprises, Managed Security Services Providers (MSSP) and Managed Detection & Response (MDR) providers to evaluate the state of incident response within SOCs from a variety of perspectives, including alert volume and management, business models, customer communications, and SOC analyst training and turnover.
Security awareness programs: The difference between window dressing and behavior change
CISOs are responsible for pursuing cybersecurity purchases that align with the overall health of their organizations. All investments must drive tangible value and ROI while also contributing to the organization’s overall security posture. Security awareness training is a hotly debated topic for this reason.
Most decision makers plan to increase spending on cybersecurity this year
40% of polled cybersecurity decision makers froze recruitment in cyber, 29% made redundancies and one in five furloughed staff responsible for cyber resilience programs in 2020.
eBook: Protecting Active Directory
Microsoft Active Directory (AD) is ubiquitous across the corporate landscape and a perfect target for cyberattacks due to its popularity and importance. A single set of compromised credentials could potentially leave your enterprise’s identity management infrastructure vulnerable, leading to a network security failure.