By this point, every organization that needs a skilled team of cybersecurity professionals knows about the skills gap. Companies in all industries are fishing for the freshest cybersecurity talent in a shrinking pond of potential candidates: The latest (ISC)2 Cybersecurity Workforce Study found that the U.S. alone faces a shortage of 500,000 positions. Meeting that…
Automated remediation of cloud misconfigurations was a big theme in 2018, and here at DivvyCloud we expect the trend to continue through 2019. One of the significant challenges customers face is putting automation into action, instead of just talking about it. When enterprises evaluate Cloud Security Posture Management (CSPM) solutions, automated remediation is frequently the…
Cyberinsurance is not new to the scene, and an increasing number of organizations are accepting its critical role in safeguarding them against costly cybersecurity incidents. Yet recently, we’ve seen ongoing discussion of its overall value to organizations, as well its net impact to the state of cybersecurity. As pundits discuss, debate, and ponder, crippling cyber…
There’s no silver bullet when it comes to endpoint security. No matter how many security tools enterprises layer on, or how locked-down user devices are meant to be, determined cybercriminals can still ferret through the cracks. That’s why the best cybersecurity approach is to acknowledge that hackers will get through and to employ isolation solutions…
The migration of database and application infrastructure to the cloud is now taking center stage for both private and public sectors as organizations seek to reduce the cost and risk of operating their own data centers. According to Forbes, 83 percent of enterprise workloads will be in the cloud by 2020, and higher education isn’t…
Endpoint protection plays a critical role in the modern organizational security stack. Yet the very nature of this security model is fundamentally flawed. Endpoint security solutions, and the malicious actors trying to breach them, are locked into a perpetual game of cat and mouse. Each side must continually adapt and react to the tactics of…
Everything you wanted to know about Breach and Attack Simulation (BAS) vs. Automated Penetration Testing Better prepared, Right!? Companies are investing a significant amount of resources in building and improving their cybersecurity posture. As the threat landscape continues to evolve and expand, this investment continues to rise dramatically. Per a report by Cybersecurity Ventures, worldwide…
Businesses are conflicted about moving their data to the cloud. Some claim that one of the main reasons for moving data to the cloud is because it is more secure. Simultaneously, a top reason for not moving data to the cloud is due to concerns about security. Which opinion is right? The answer isn’t so…
There are many different types of Business Email Compromise (BEC) attacks, but the smartest and most likely to succeed are often timed to coincide with something that can lend them legitimacy, such as tax season. By infiltrating an organization to find a few useful details, scammers can craft email messages that are perfectly timed and…
This past July, Capital One was hit by one of the largest financial hacks in history, impacting the personal data of over 100 million people. Unlike other attacks, however, this one was notable because it originated from a cloud vendor. The attack targeted data stored on AWS servers, with access coming through a misconfigured firewall.…
