The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
We all like to enjoy untethered freedom, as is shown by the incredible growth of mobile devices we use every day for business and personal activities. We use mobile devices for buying products and services, and banking and investing. We download apps that allow us to connect with our favorite businesses and socially interact with friends and relatives.
Financial crime has become a red-hot topic over the last 12 months, as fraudsters have sought to exploit the monitoring gaps between people, process and technology across an ever-widening attack surface – driven by the growth in usage of remote (digital) channels. Even before its recent growth, the cost of fraud and financial crime was significant.
Just as our physical world has suffered from a devastating health pandemic, over the last 3 years the digital world has been suffering a ransomware pandemic that grew 7 times in 2020 compared to the same time in 2019. While we have vaccines for our health crisis, what are our options to help protect us against this digital threat?
The past year has challenged us in unimaginable ways. We kept our distance for the greater good, while companies faced the daunting task of transforming their workforce from in-person to remote — practically overnight. This presented a unique challenge for cybersecurity teams. How would they ensure employees retained access to critical data in a secure way? Working in the cloud has made remote work easier for many organizations, but has also presented new risks.
In our previous post, we discussed the recent security incident at Codecov and the following investigation at Mattermost. As a follow-up to that, we wanted to share some of the basic design principles as well as a handful of more technical tips and tricks around CI/CD pipeline security that helped Mattermost come out of the incident unscathed.
Last year, during the Magecart attacks saga, I was constantly flooded by calls from e-entrepreneurs – all sounding worried and anxious. The attacks were brazen, and the digital trust was taking a beating. After the initial shock waned, the entire conversation shifted gears. I still remember having long discussions with my clients about eCommerce security threats and their solutions. It now focused solely on building a reliable security system.
According to Forrester, the number of permanent, full-time remote workers is expected to increase by 300 percent or more compared to pre-pandemic numbers. Amid the chaos surrounding the pandemic, getting your entire workforce back to the office seems trivial, especially when many employees’ work can be done remotely. It’s no wonder that, according to Gartner, almost half of employees will continue to work remotely post COVID-19.
Security testing tools help us to monitor our cloud-native resources for potential vulnerabilities throughout our development lifecycle. By flagging security vulnerabilities early, our teams can react on time to reduce potential damage to our end-users and our business. This post will compare three different security scanning tools that focus on cloud-native infrastructure and application security, namely.