Malaysia's Cyber Security Act 2024 went into effect this past August 2024. Here's what you need to know to remain compliant.

POPIA, South Africa's Protection of Personal Information Act, establishes rules for the lawful processing of personal information in South Africa. This blog looks at the purpose of the law, POPIA compliance best practices, and more.

Indonesia's newest Personal Data Protection Law is set to go into effect in October 2024. Here's what you need to know to prepare for proper compliance.

Security Service Edge (SSE) is a cybersecurity concept that delivers key security capabilities from a cloud-based platform. Read this blog to learn more about what SSE comprises, use cases, and its advantages.

Today, we get four vulnerabilities that have seen active exploitation, one of which has also been publicly disclosed.

Extended Detection and Response (XDR) is an advanced cybersecurity approach that provides a more comprehensive and automated view of threat detection and response. Read this blog to learn more about XDR, its challenges, and key capabilities.

According to Cybersecurity Ventures, cybercrime would be the world’s third-largest economy (after the U.S. and China) if measured as a country as its damages may total $9.5 trillion globally in 2024. While this may be a surprising stat, it should reiterate the importance of your cybersecurity plan and solutions. External threats play a large part in digital threat landscape, and like the name...

EDR, or endpoint detection and response, is a cybersecurity technology that monitors and collects data from endpoints to detect, analyze, investigate, and respond to cybersecurity threats. Learn more about EDR and how it can help organizations in this blog.

Hackers took advantage of a 0-day to steal ISP customers' credentials, a former Verizon employee pleaded guilty to feeding info to a Chinese spy agency, and more. Get up to speed in this week's Friday Five!

Password security has evolved from simple physical protections to complex, multi-factor authentication systems. Experts suggest that while traditional passwords are becoming outdated, combining them with new technologies like biometrics and passkeys offers stronger security. Future trends point towards more user-friendly yet robust methods to safeguard digital access.

The NIST Risk Management Framework, or RMF, is a voluntary 7-step process used to manage information security and privacy risks. By following the NIST RMF, organizations can successfully implement their own risk management programs, maintain compliance, and address the weaknesses that present the greatest danger to their enterprise.

Data security tools are software programs or services used by organizations to protect digital data from threats such as unauthorized access. Learn what they can do and why they're important in this blog.

As ransomware, misconfigurations, and other vulnerabilities continue to be stubborn threats to mitigate, CISA and the FBI promise election security, and the FAA is pushing for tighter regulations. Learn about these top stories and more in this week's Friday Five!

The importance of resilience and business continuity dominated conversations at Black Hat USA 2024. In this blog, security expert Antonio Sanchez shares his take on this year’s event.

Stories on rare, albeit encouraging wins against ransomware gangs took the top headlines this past week. Additionally, read about a massive breach involving Americans' sensitive data, the UN's new cybercrime treaty, and more in this week's Friday Five.

Cybersecurity experts from over 70 countries share their insights, candor, and challenges when it comes to raising the level of cybersecurity awareness in their organizations. Learn how Fortra’s Terranova Security can help.

The three CVSS 9.8 vulnerabilities included in this month’s patch drop are likely to be the first thing that catches anyone’s attention this month. All three are remote, unauthenticated code execution, the very type of vulnerability where we previously would have used the word, “wormable.”

Of the three forms of threat intelligence (strategic, operational, and tactical), tactical threat intelligence is the most directly actionable. Tactical threat intelligence also enables defenders to engage in threat hunting or root cause analysis activities when examining historical (attempted) intrusions. This is useful in detecting breaches that may have occurred, understanding the cause of a previous breach, and understanding whether a particular adversary or TTP is being attempted against your organization.