CrowdStrike-Whitepaper: Five steps your organization can take to improve security in a multi-cloud environment

Embracing the cloud is critical to realizing digital transformation initiatives and long-term growth plans. But while the cloud may grant organizations newfound agility, it can also introduce new vulnerabilities for organizations that lack the internal knowledge and skills to effectively understand security needs in the cloud. Put simply, traditional security models are unsuitable for the cloud. Enterprises must adapt their …

CISA Urges Organizations to Implement Immediate Cybersecurity Measures to Protect Against Potential Threats

In response to recent malicious cyber incidents in Ukraine—including the defacement of government websites and the presence of potentially destructive malware on Ukrainian systems—CISA has published CISA Insights: Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats. The CISA Insights strongly urges leaders and network defenders to be on alert for malicious cyber activity and provides a checklist of …

Beware of Digital ID attacks: you Face can be Spoofed

Digital idntification is the focus of two new reports by the European Union Agency for Cybersecurity (ENISA): an analysis of self-sovereign identity (SSI) and a study of major face presentation attacks. Trust in the identity of a natural or legal person has become the cornerstone of our online activities. It is therefore essential that digital identity is kept highly secure …

IBM Acquires Envizi to Help Organizations Accelerate Sustainability Initiatives and Achieve Environmental Goals

IBM today announced it has acquired Envizi, a leading data and analytics software provider for environmental performance management. This acquisition builds on IBM’s growing investments in AI-powered software, including IBM Maximo asset management solutions, IBM Sterling supply chain solutions and IBM Environmental Intelligence Suite, to help organizations create more resilient and sustainable operations and supply chains. This acquisition closed on …

2021 Managed Services Report

New research finds low confidence in Managed Services security solutions. How is it that a majority of survey respondents (68%) use MSSP/MDR solutions to fill security gaps, yet nearly half (47%) are not confident in the technology or the people. As you enter 2022 there’s important data that you should know, read the report.      

How CrowdStrike Protects Customers from Threats Delivered via Log4Shell

Log4Shell, the latest critical vulnerability, found in the Log4j2 Apache Logging Services library, poses a serious threat to organizations + Active attempts to exploit the vulnerability were identified in the wild, currently making it the most severe threat + CrowdStrike utilizes indicators of attack (IOAs) and machine learning to protect our customers + CrowdStrike continues to track and monitor the …

Log4j2 Vulnerability “Log4Shell”

Log4j2 is an open-source, Java-based logging framework commonly incorporated into Apache web servers. + Between late November and early December 2021, a critical vulnerability (CVE-2021-44228) impacting the Log4j2 utility was reported, resulting in several fixes and code revisions from the vendor. + The Log4j2 library is used in numerous Apache frameworks services, and as of Dec. 9, 2021, active exploitation …

Amazon Web Services (AWS) Outage Causes Chaos

AWS disruption leaves parcels undelivered, popular websites and devices offline An outage in Amazon Web Services (AWS)—the cloud computing unit of Amazon.com, Inc. (AMZN)—caused a raft of backlogs at the e-commerce giant’s warehouses Tuesday, Dec. 7, and took down popular websites and apps, including Google, Disney Plus, Venmo, DoorDash, Inc. (DASH), Spotify Technology S.A. (SPOT), Slack, and app-based trading firm …

Should you be worried about the AWS outage?

On one hand no. AWS handled the issue very well. Problems were reported at around 10:45am (ET) and within an hour AWS had acknowledged the issue and found the cause. It executed mitigations and within a few hours the problem was mostly resolved. When things go wrong, we’re often quick to point out the frailty of the cloud as ‘someone …

Picus Security Red Report: 2021 malware variants are more sophisticated, more evasive, and more likely to encrypt data

Analysis of 200,000+ malware files demonstrates shift towards ransomware  Picus Security, the pioneer of Breach and Attack Simulation (BAS) technology, today announced the release of its 2021 Red Report. The report is a comprehensive analysis of attacker behavior and highlights the top 10 most widely seen attack techniques over the last 12 months. In compiling its research, Picus analyzed more than 200,000 malware …

ETSI releases first comprehensive global standard for securing smart phones

Today our smartphones and tablets are fundamental for citizens and hold a wide range of user data and apps. At the same time, security attacks have increased with malicious applications and network eavesdropping. To define security and assurance requirements for smart phones and tablets, mitigate potential risks and protect users, ETSI has released a world class standard called Consumer Mobile …

Gartner Says Infrastructure & Operations Leaders Must Shift Their Focus from Efficiency to Adaptive Resilience to Exploit New Opportunities

Analysts Explore How I&O Builds Resilient Systems and Teams at the Gartner IT Infrastructure, Operations & Cloud Strategies Conference EMEA, 22-23 November In a world where constant change is becoming routine, Gartner, Inc said that infrastructure and operations (I&O) leaders must shift their traditional focus from efficiency to one of adaptive resilience. “I&O leaders must re-imagine how they manage their talent, their …

Gartner Forecasts Worldwide Artificial Intelligence Software Market to Reach $62 Billion in 2022

Market Growth Will Accelerate as Organisations Progress Their AI Maturity Worldwide artificial intelligence (AI) software revenue is forecast to total $62.5 billion in 2022, an increase of 21.3% from 2021, according to a new forecast from Gartner, Inc. “The AI software market is picking up speed, but its long-term trajectory will depend on enterprises advancing their AI maturity,” said Alys Woodward, senior …

The International Electrotechnical Commission Designates ISA/IEC 62443 as a Horizontal Standard

The International Society of Automation (ISA) and the ISA Global Cybersecurity Alliance (ISAGCA) are proud to announce that the International Electrotechnical Commission (IEC) has officially designated the IEC/ISA 62443 series of standards as “horizontal,” meaning that they are proven to be applicable to a wide range of different industries. According to the IEC decision, “The IEC Technical Committee 65 (TC 65) …

Cybersecurity Spending: An analysis of Investment Dynamics within the EU

The European Union Agency for Cybersecurity issues a new report on how cybersecurity investments have developed under the provisions of the NIS directive. The NIS Directive has been implemented by 82% of the 947 organisations identified as Operators of Essential Services (OES) or Digital Service Providers (DSP) surveyed across the 27 Member States, with 67% requiring an additional budget for its implementation. …

Gartner Survey of Over 2,000 CIOs Reveals the Need for Organisations to Embrace Business Composability in 2022

EMEA CIOs Expect their IT Budget Will Increase 3.7% in 2022 Organisations must embrace business composability to thrive through disruption in 2022 and beyond, according to Gartner, Inc.’s annual global survey of CIOs and technology executives*. Business composability is the mindset, technologies, and set of operating capabilities that enable organisations to innovate and adapt quickly to changing business needs. It’s …

Gartner Identifies Three Key Focus Areas for CIOs to Drive Value

Analysts Explore Reaching Beyond the Constraints of Current Thinking During Gartner IT Symposium/Xpo 2021 EMEA, 8-11 November To accelerate value creation, CIOs and IT executives should focus on three key areas – leading from anywhere, nurturing connections and reaching beyond, according to Gartner, Inc. During the opening keynote of Gartner IT Symposium/Xpo EMEA, which is taking place virtually today through …

CISA creates catalog of known exploited vulnerabilities, orders agencies to patch

The US Cybersecurity and Infrastructure Security Agency has established today a public catalog of vulnerabilities known to be exploited in the wild and has issued a binding operational directive ordering US federal agencies to patch affected systems within specific timeframes and deadlines. The catalog —available online here— currently lists 306 vulnerabilities, with some as old as 2010, that are still being …