78% of MSPs identify cybersecurity as prime IT challenge 2024-03-07 at 06:46 By Help Net Security Cybersecurity remained a top priority and an area of growth for MSPs, with 73% saying it’s a top revenue driver for their business, according to Kaseya. Ongoing cyberattack threats impact MSPs The threat of cyberattacks continues to weigh on […]
78% of MSPs identify cybersecurity as prime IT challenge Read More »
5 ways to keep API integrations secure 2024-03-06 at 08:20 By Help Net Security API integrations often handle sensitive data, such as employees’ personally identifiable information (PII), companies’ financial information, or even clients’ payment card data. Keeping this data safe from attackers—while ensuring that the integrations perform at the desired level—requires adopting several security measures.
5 ways to keep API integrations secure Read More »
Navigating regulation challenges for protecting sensitive healthcare data 2024-03-06 at 07:10 By Help Net Security In this Help Net Security video, Chris Bowen, CISO at ClearDATA, emphasizes the importance of digital health companies being more transparent with their users. As more and more Americans flock to direct-to-consumer digital health apps and resources, most people don’t
Navigating regulation challenges for protecting sensitive healthcare data Read More »
AI tools put companies at risk of data exfiltration 2024-03-06 at 06:03 By Help Net Security Data loss from insiders continues to pose a growing threat to security, with emerging technologies such as AI and generative AI (GenAI) only compounding the issue, indicating swift action is needed, according to Code42. Since 2021, there has been
AI tools put companies at risk of data exfiltration Read More »
Why cyber maturity assessment should become standard practice 2024-03-05 at 08:05 By Help Net Security Understanding risk is one thing, but how do you know if your organization has what it takes to withstand those risks being realized? Establishing cyber maturity can help determine resilience, where the strengths and weaknesses lie, and what needs to
Why cyber maturity assessment should become standard practice Read More »
Secure your hybrid workforce: The advantages of encrypted storage 2024-03-05 at 07:02 By Help Net Security In this Help Net Security video, Ryan Amparo, Field Application Engineer at Kingston Technology, discusses the benefits of encrypted external SSDs and USBs for hybrid workforces. He talks about the differences between software and hardware encryption, why it’s important,
Secure your hybrid workforce: The advantages of encrypted storage Read More »
What organizations need to know about the Digital Operational Resilience Act (DORA) 2024-03-05 at 06:31 By Mirko Zorz In this Help Net Security interview, Kris Lovejoy, Global Security and Resilience Leader at Kyndryl, discusses the impact of the Digital Operational Resilience Act (DORA) on organizations across the EU, particularly in ICT risk management and cybersecurity.
What organizations need to know about the Digital Operational Resilience Act (DORA) Read More »
Organizations are knowingly releasing vulnerable applications 2024-03-05 at 06:18 By Help Net Security 92% of companies had experienced a breach in the prior year due to vulnerabilities of applications developed in-house, according to Checkmarx. AppSec managers and developers share application security duties In recent years the responsibility for application security has shifted away from dedicated
Organizations are knowingly releasing vulnerable applications Read More »
PyRIT: Open-source framework to find risks in generative AI systems 2024-03-04 at 08:02 By Mirko Zorz Python Risk Identification Tool (PyRIT) is Microsoft’s open-source automation framework that enables security professionals and machine learning engineers to find risks in generative AI systems. PyRIT has been battle-tested by Microsoft’s AI red team. It started as a collection
PyRIT: Open-source framework to find risks in generative AI systems Read More »
Integrating software supply chain security in DevSecOps CI/CD pipelines 2024-03-04 at 07:01 By Help Net Security NIST released its final guidelines for integrating software supply chain security in DevSecOps CI/CD pipelines (SP 800-204D). In this Help Net Security video, Henrik Plate, Security Researcher at Endor Labs, talks about this report, which provides actionable measures to
Integrating software supply chain security in DevSecOps CI/CD pipelines Read More »
New compensation trends in the cybersecurity sector 2024-03-04 at 06:31 By Help Net Security For several years, cybersecurity leaders have grappled with talent shortages in crucial cyber roles. In the face of escalating financial requirements and expanding responsibilities, these leaders are under heightened pressure to achieve more with fewer resources, creating roles encompassing multiple security
New compensation trends in the cybersecurity sector Read More »
Enhancing security through proactive patch management 2024-03-04 at 06:02 By Help Net Security Despite its importance, patching can be challenging for organizations due to factors such as the sheer volume of patches released by software vendors, compatibility issues with existing systems, and the need to balance security with operational continuity. To ensure effective patch management,
Enhancing security through proactive patch management Read More »
Photos: BSidesZagreb 2024 2024-03-04 at 05:46 By Mirko Zorz BSidesZagreb is a complimentary, non-profit conference driven by community participation, designed for information security professionals and enthusiasts to gather, exchange ideas, and collaborate. Help Net Security sponsored the 2024 edition that took place on March 1, and here are photos from the event. Bojan Ždrnja, CTO
Photos: BSidesZagreb 2024 Read More »
Cybercriminals harness AI for new era of malware development 2024-03-01 at 08:31 By Help Net Security The alliance between ransomware groups and initial access brokers (IABs) is still the powerful engine for cybercriminal industry, as evidenced by the 74% year-on-year increase in the number of companies that had their data uploaded on dedicated leak sites
Cybercriminals harness AI for new era of malware development Read More »
JCDC’s strategic shift: Prioritizing cyber hardening 2024-03-01 at 08:01 By Mirko Zorz In this Help Net Security interview, Geoffrey Mattson, CEO of Xage Security, discusses the evolution of the Joint Cyber Defense Collaborative (JCDC) since its 2021 inception and tackles its 2024 strategic priorities in response to escalating cyber threats. He elaborates on JCDC’s strategies
JCDC’s strategic shift: Prioritizing cyber hardening Read More »
Key areas that will define the intersection of AI and DevOps 2024-03-01 at 07:33 By Help Net Security Eficode research indicates that 96% of developers use AI tools, with most coders bypassing security policies to use them. With no standardized AI tool regulations, researchers advocate for stronger governance frameworks and AI security policies in organizations’
Key areas that will define the intersection of AI and DevOps Read More »
Businesses foresee major impact from new SEC cybersecurity disclosure rules 2024-03-01 at 07:04 By Help Net Security While 98% of security professionals and executives have started working to comply with the new U.S. Securities and Exchange Commission (SEC) cybersecurity disclosure ruling, over one-third are still in the early phases of their efforts, according to AuditBoard.
Businesses foresee major impact from new SEC cybersecurity disclosure rules Read More »
98% of businesses linked to breached third parties 2024-03-01 at 06:32 By Help Net Security According to the updated SEC regulations on cybersecurity incident disclosure, findings by SecurityScorecard reveal that 98% of companies are associated with a third party that has experienced a breach. It often takes months or longer for breaches to become public
98% of businesses linked to breached third parties Read More »
BobTheSmuggler: Open-source tool for undetectable payload delivery 2024-02-29 at 08:03 By Mirko Zorz BobTheSmuggler is an open-source tool designed to easily compress, encrypt, and securely transport your payload. It basically enables you to hide a payload in plain sight. BobTheSmuggler is helpful in phishing campaign assessments, data exfiltration exercises, and assumed breach scenarios. Features Hiding
BobTheSmuggler: Open-source tool for undetectable payload delivery Read More »
How organizations can navigate identity security risks in 2024 2024-02-29 at 07:34 By Mirko Zorz Managing IAM challenges in hybrid IT environments requires a holistic approach, integrating solutions and automating processes to ensure effective access controls and operational efficiency. In this Help Net Security interview, Deepak Taneja, CEO of Zilla Security, discusses identity security risks
How organizations can navigate identity security risks in 2024 Read More »