As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.
On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.
Read more…
Source: Rapid7
Related:
- TSA updates, renews cybersecurity requirements for pipeline owners, operators
July 26, 2023
The Transportation Security Administration (TSA) announced an update to its Security Directive regarding oil and natural gas pipeline cybersecurity. This revised directive will continue the effort to reinforce cybersecurity preparedness and resilience for the nation’s critical pipelines. Developed with input from industry stakeholders and federal partners, including the Cybersecurity and Infrastructure Security Agency (CISA) and the ...
- What might authentication attacks look like in a phishing-resistant future?
July 25, 2023
The industry has come a long way in terms of improving how we make user authentication more secure. From the most basic concept of relying on usernames and passwords for authentication to enabling multi-factor authentication (MFA) for additional security, we are now embracing a shift toward passwordless logins and/or passkeys that are designed with security ...
- A defense against attacks on unmanned ground and aerial vehicles
July 21, 2023
A University of Texas at Arlington engineering researcher is working on defenses that could thwart cyberattacks against networks of self-driving cars and unmanned aerial vehicles. “If hackers find a way to affect 10 out of 100 self-driving cars in a given area, they might have an impact on all 100 cars because the 10 hacked cars ...
- Supply chain security for Go, Part 3: Shifting left
July 20, 2023
The software development life cycle (SDLC) refers to the series of steps that a software project goes through, from planning all the way through operation. It’s a cycle because once code has been released, the process continues and repeats through actions like coding new features, addressing bugs, and more. Shifting left involves implementing security practices earlier ...
- Many businesses don’t even know they’ve been hit by a security breach
July 19, 2023
Many businesses don’t know if they have suffered a data breach, and probably wouldn’t be able to spot such an event at all, due to the ever-expanding threat landscape, and notification fatigue among IT staff, new research has claimed. A report from cybersecurity experts Vectra AI surveying more than 2,000 IT security analysts found that nearly ...
- NSA, CISA Release Guidance on Security Considerations for 5G Network Slicing
July 17, 2023
Today, the National Security Agency (NSA) and CISA published 5G Network Slicing: Security Considerations for Design, Deployment, and Maintenance. This guidance—created by the Enduring Security Framework (ESF), a public-private cross-sector working group led by the NSA and CISA—presents recommendations to address some identified threats to 5G standalone network slicing, and provides industry recognized practices for ...

