My TechDecisions

Search Results: cyber

SASE, SASE approaches, SASE implementation

Code42 and SentinelOne Partner to Uncover Risk to Data & Accelerate Response to Insider Threats

Cybersecurity providers Code42 and Sentinel One announce a new integration that aims to reduce the risks associated with insider threats.

March 7, 2023 Alyssa Borelli Leave a Comment

Code42 Software, Inc., the Minneapolis-based provider of Insider Risk Management (IRM), and SentinelOne, Inc., an autonomous cybersecurity platform company, announced a new partnership that integrates the Code42 Incydr solution with the SentinelOne Singularity Platform. This integration grants users additional visibility over their most sensitive data and expands response capabilities in the event of an insider threat […]

Read More
Palo Alto Networks Prisma SASE Accenture

Palo Alto Networks Launches New AI-Driven Identity Threat Detection and Response Model for SOC Solution

Palo Alto Networks' new Identity Threat Detection and Response (ITDR) module for its Cortex XSIAM solution integrates identity data sources.

March 6, 2023 Zachary Comeau Leave a Comment

Cybersecurity giant Palo Alto Networks is launching its new Identity Threat Detection and Response module for its autonomous security operations center (SOC) solution Cortex XSIAM.   The Santa Clara, Calif.-based firm says the new solution enables customers to ingest user identity and behavior data and deploy AI technology to help detect identity-driven attacks within seconds, […]

Read More
Royal Ransomware

FBI, CISA Warn of Royal Ransomware Targeting Critical Infrastructure

Royal ransomware actors have been targeting manufacturing, communications, healthcare and education entities since September 2022, agencies say.

March 3, 2023 Zachary Comeau Leave a Comment

U.S. agencies are warning critical infrastructure organizations to be on the lookout for Royal ransomware, a financially motivated threat actor that has been targeted manufacturing, communications, healthcare and education entities since September 2022. In a joint advisory, the FBI and U.S. Cybersecurity and Infrastructure Security Agency say the Royal ransomware actors have compromised U.S. and […]

Read More
Phishing, Email security

Phishing Remains a Favorite Hacking Tool as New Methods Emerge

New methods such as phone-oriented attack delivery and MFA bypass are making phishing attacks more sophisticated, according to Proofpoint.

March 3, 2023 Zachary Comeau Leave a Comment

Phishing, social engineering, and ransomware remain favorite attack methods of cybercriminals, but threat actors are beginning to shift to newer techniques, such as phone-oriented attack delivery and adversary-in-the-middle phishing proxies designed to bypass multifactor authentication, according to cybersecurity firm Proofpoint. The Sunnyvale, Calif.-based company’s’ State of the Phish report finds that email-based phishing attacks remain […]

Read More
Cybersecurity testing, penetration testing, cyber threats

No Organization Is an Island: How to Protect Against Supply Chain Attacks

To defend against supply chain attacks, organizations need to focus on all three layers of the attack surface: data, identities and infrastructure.

March 2, 2023 Dirk Schrader Leave a Comment

Every organization interacts with other organizations: suppliers, partners, customers, government agencies and more. As a result, you can suffer a breach even though your organization was not directly targeted. For example, adversaries were able to release the infamous NotPetya malware to thousands of companies worldwide by compromising the supplier of a popular accounting software solution. […]

Read More
CISA Software Security

What CISA Learned After Conducting a Red Team Assessment of a Large Critical Infrastructure Organization

CISA obtained persistent access to the organization's network, but security controls like MFA helped thwart further activity.

March 1, 2023 Zachary Comeau Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new advisory that describes a CISA red team assessment of a large critical infrastructure organization with a mature cyber posture, with the goal of sharing its key findings to help IT and security professionals improve monitoring and hardening of networks. According to the advisory, […]

Read More
Log4j, Older Vulnerabilities, CISA KEV

Older, Unpatched Vulnerabilities Are Still Wreaking Havoc

Older vulnerabilities that remain unpatched are still the primary vehicle for cyberattacks, Tenable report finds.

February 28, 2023 Zachary Comeau Leave a Comment

Older vulnerabilities for which patches have already been made available by the vendor are still the primary vehicle for cyberattacks, suggesting that organizations are still behind in practicing good cyber hygiene, according to new data from Tenable. The Columbia, M.D.-based provider of vulnerability management software finds in its 2022 Threat Landscape Report that the number […]

Read More
Palo Alto Networks Prisma SASE Accenture

Palo Alto Networks Launches Zero Trust OT Security Solution

Palo Alto Networks' new Zero Trust OT Security solution includes a new cloud-delivered OT security service designed for easy deployment.

February 27, 2023 Zachary Comeau Leave a Comment

Cybersecurity firm Palo Alto Networks is launching a new Zero Trust security solution for operational technology designed to help industrial organizations easily secure systems without having to deploy additional sensors. The Santa Clara, Calif.-based company’s Zero Trust OT Security solution is highlighted by the new cloud-delivered Industrial OT Security service that can be enabled — without […]

Read More
Mimecast Certificate Compromised

3 Takeaways From Mimecast’s State Of Email Security Report

Mimecast's State of Email Security report reveals IT and security decision-makers are seeing an increase in cyber awareness interest among the C-Suite.

February 24, 2023 TD Staff Leave a Comment

Mimecast, the global email and collaboration security company, published its annual State of Email Security 2023 (SOES) report this week. The global survey, based on responses from 1,700 IT and security decision-makers, provides readers with key takeaways on the current threat landscape and offers recommendations to help organizations improve their cybersecurity posture. The highlights from […]

Read More
Software License Spending, SaaS, cloud apps

The Inconvenient Truth about SaaS Management

As SaaS adoption continues to grow, so will the risk of cybersecurity threats, spiraling spend, and general inefficiencies – unless IT can change course.

February 24, 2023 Uri Haramati Leave a Comment

Companies today are incredibly reliant on cloud applications (SaaS). These tools enable us to do meaningful work, at high speeds, in a globally distributed workplace. However, for all their promise and opportunity, cloud apps also present new and growing challenges for budgets, security and overall efficiency. It all stems from a lack of control and […]

Read More