The Data Security Posture Management (DSPM) market is on a meteoric rise, and CISOs are taking note. Gartner predicts that by 2026, one in five organizations will have invested in the technology (up from only 1% in 2022). But in a market still in its early stages, the cement has yet to harden on what exactly a DSPM tool is (and isn’t) and what CISOs need to look for before investing. 1. Does it cover all our data services? A good DSPM solution needs to be able to find data across any of the varied services found in a modern-day…
Author: Katrina Thompson
We all know CISA as the governing agency for federal cybersecurity and the national operating hub for critical infrastructure security. But what are the free critical cyber hygiene services provided by the Cybersecurity and Infrastructure Security Agency (CISA), and how can you take advantage of them in your organization? What is CISA? CISA defines itself as “the Nation’s risk advisor” and explains how it is integral to mobilizing a collective defense to best manage risk to critical infrastructure. Despite being a federal agency, they work with both the public and private sectors, leveraging resources wherever they can find them: the…
The need for robust cybersecurity measures has never been greater in a time when cyber threats are evolving rapidly, and breaches have become an inevitability for businesses in every sector. Managing this complex threat landscape requires advanced solutions and skilled experts who understand modern threats and the malefactors behind them. However, despite the growing awareness of cyber risks, businesses struggle with a desperate shortage of cybersecurity skills. This is a significant problem, as internal security teams cannot keep up with the growing complexity, number, and sophistication of cyber threats. A Shallow Talent Pool In the face of the persistent cybersecurity skills shortage,…
Data Security Posture Management (DSPM) is a rising star in the cybersecurity world, and for good reason. With so many diverse environments, complex pipelines, and random repositories, important data often ends up in the wrong places, or worse – lost in the cloud without anybody knowing it. This “shadow data” can undermine an organization’s security posture entirely, leaving countless “ticking time bombs” for attackers to find and detonate. In their report, Innovation Insight: Data Security Posture Management, Gartner reviews the timeliness of DSPM and what it can do for hard-to-reach data that other tools leave behind. Three major takeaways: 1. …
It’s no secret that human error accounts for a disproportionate number of data breaches. Last year, it accounted for 74%; this year, the Verizon 2024 Data Breach Investigations Report noted that it rose to 76% per the same criteria. States the report, “The percentage of breaches caused by Error actions is rising…as opposed to external actors who are exploiting weak credentials through credential stuffing or brute force attacks.” And yet, catching people in the act of making a mistake is an incredibly difficult task. Almost insurmountable. So, how do you bring down errors? A better question might be: How do…
As we strive to “Secure Our World” this Cybersecurity Awareness Month, a few irrepressible haunts keep rearing their ugly heads. Here are some of the most malicious monsters hiding under our proverbial cybersecurity beds and what we need to know to stay safe this season. AI-generated misinformation From a fake social media Tom Cruise (old news) to a more recent – and serious – slew of political spoofs, visual fakes are being weaponized by anyone with access to cheap Artificial Intelligence (AI). Here are some real-life frights: AI-generated misinformation is so alarming because AI regulation is still nascent, and there…
Any company that employs APIs can tell you that they’re the glue that holds all things together, the hub that simplifies and scales digital growth. However, not all can tell you how to protect them. And that’s a problem. Thankfully, the OWASP (Open Web Application Security Project) API Security Top 10 can. A list defining the ten most nefarious, most relevant cyber threats to APIs each year, it is something that needs to be understood and studied by (at least) the security departments of any company that uses APIs, from startups to multinationals. Here’s why. Now, APIs are Everywhere Since…
Approximately 2.38 million customers worldwide use Amazon Web Services (AWS) to host and power their cloud-based business assets, per a recent market report. If you’re reading this, you’re probably one of them. With officially over half (50.1%) of the market share among the top ten cloud providers, it has a huge responsibility to ensure the safety of its customers. As part of its Shared Responsibility Model, it utilizes multiple high-powered security solutions to do the job, and AWS GuardDuty is one of its most common. However, no tool is perfect. The other half of the Shared Responsibility Model – the…
In an era where everything IT-leaning is getting leaner, meaner, faster, and more secure, we need to make sure not to leave file transfers behind. As the security and IT landscapes modernize, organizations are increasingly looking for a way to modernize one of the most foundational elements of business – file transfer – to accommodate rising business needs. Fortra’s recent eBook, “MFT’s Role in Business: IT Leaders Weigh in”, covers this perspective from the eyes of nine industry experts with firsthand experience of an MFT solution, namely Fortra’s GoAnywhere Managed File Transfer (MFT). From solution architects to programmers, these IT…
The Financial Services industry (FinServ) has left its mark on the API landscape and continues to provide new reasons for innovation. From the first UK bank that pioneered Open Banking to the booming mobile payment industry, FinServ has prompted – and supported – the growth of APIs and their ongoing evolution as everyday artifacts. While that serves both the FinServ sector and the API industry, it presents some security challenges. Now that APIs are everywhere the money is, securing financial transactions is no longer the sole purview of the financial institution – it belongs to anyone, anywhere, developing any app…