News May 22, 2023

Google’s Bug Bounty Hits $12 Million: What About the Risks?

4 min read - Bug bounty numbers have never been better. In 2022, Google rewarded the efforts of over 700 researchers from 68 different countries who helped improve the security of the company’s products and services. The total amount of awards grew from $8.7…

Risk Management May 18, 2023

Is Patching the Holy Grail of Cybersecurity?

4 min read - A proactive approach to cybersecurity includes ensuring all software is up-to-date across assets. This also includes applying patches to close up vulnerabilities. This practice minimizes risk, as it eliminates outdated software versions in the process. Does this make patching a…

Data Protection March 23, 2023

Cybersecurity 101: What is Attack Surface Management?

3 min read - There were over 4,100 publicly disclosed data breaches in 2022, exposing about 22 billion records. Criminals can use stolen data for identity theft, financial fraud or to launch ransomware attacks. While these threats loom large on the horizon, attack surface…

Risk Management February 24, 2023

With 40% of Log4j Downloads Still Vulnerable, Security Retrofitting Needs to Be a Full-Time Job

4 min read - Vulnerabilities like Log4j remain responsible for security breaches a full year after the discovery of the flaw. In the months after widespread reporting about the vulnerability, 40% of Log4j downloads remained vulnerable to exploitation. Rapid Response — by Both Security…

Risk Management January 23, 2023

Log4j Forever Changed What (Some) Cyber Pros Think About OSS

4 min read - In late 2021, the Apache Software Foundation disclosed a vulnerability that set off a panic across the global tech industry. The bug, known as Log4Shell, was found in the ubiquitous open-source logging library Log4j, and it exposed a huge swath…

Zero Trust September 14, 2022

Old Habits Die Hard: New Report Finds Businesses Still Introducing Security Risk into Cloud Environments

4 min read - While cloud computing and its many forms (private, public, hybrid cloud or multi-cloud environments) have become ubiquitous with innovation and growth over the past decade, cybercriminals have closely watched the migration and introduced innovations of their own to exploit the…

Data Protection April 18, 2022

The Next Frontier for Data Security: Protecting Data in Use

9 min read - Tremendous progress has been made over the last several years to protect sensitive data in transit and in storage. But sensitive data may still be vulnerable when it is in use. For example, consider transparent database encryption (TDE). While TDE…

Data Protection December 17, 2021

Why We Need To Beat ‘Breach Fatigue’ — At Work and at Home

4 min read - Data breaches come at such a fast pace that the public doesn’t seem to pay attention to the latest incidents, or they’re practically forgotten in a week — just in time for the next breach to make headlines. Instead of…

Data Protection November 29, 2021

What the SEC Requires From Businesses After a Data Breach

4 min read - Consumers have become wary of data breaches and the decreased safety of their personal information. However, the cost of a data breach is no longer only a matter of money and your company’s good name. There is now a third…

Data Protection November 3, 2021

Report: Cost of a Data Breach in Energy and Utilities

4 min read - On average, the cost of a data breach rose by 10% from 2020 to 2021. The energy industry ranked fifth in data breach costs, surpassed only by the health care, financial, pharmaceutical and technology verticals, according to the 17th annual…