Over the last two years, ransomware has been, without a doubt, the hottest topic in cybersecurity discussions in both the cybersecurity community and the general population. Major attacks like the one on SolarWinds and against Colonial Pipeline have dominated headlines — and for good reasons.

The first RSA Conference took place 30 years ago. It was conceived by the then-CEO Jim Bidzos, and consisted of roughly 50 people in a room discussing cryptography – the focus area of that first assembly. By the turn of the millennium, the conference expanded internationally, reaching audiences in Europe, China, Singapore and Abu Dhabi. Ten years later in 2011, the RSA Conference boasted an impressive 18,500 attendees in the United States alone.

BlackBerry Limited released its 2021 BlackBerry Threat Report, detailing a sharp rise in cyberthreats facing organizations since the onset of COVID-19. The research shows a cybercrime industry which has not only adapted to new digital habits, but also become increasingly successful in finding and targeting vulnerable organizations.

Today, open-source code is everywhere. In fact, 99% of all codebases contain open-source code, and anywhere from 85% to 97% of enterprise codebases come from open-source. What does that mean, exactly? It means that the vast majority of our applications consist of code we did not write.

Someone of a cynical persuasion may think it was only a matter of time until ‘outsourcing’ came to the cybercrime business. While this inevitability may be debatable, the early success of the model certainly isn’t.

The SolarWinds cyber compromise makes Cyber Tactics’ columnist John McClurg reflect and rethink about nation-state adversaries, insider threats, spearphising, AI-machine-powered learning, crimeware-as-a-service and much more. Here, he takes a look at what risks persist within organizations and potential consequences.

Threat actors who phish see themselves as businesspeople, even if that business is illegal. They’re always seeking ways to maximize their profits, and with phishing, they know they can do that by better tailoring the email lure to resonate with the intended recipient.

A recent ISC² Cybersecurity Workforce Study placed the resource gap worldwide at 4.07 million professionals. The challenges we face when grappling with that gap are myriad and are exacerbated by the security paradigm to which we may have historically pledged allegiance.

Last month, in this column, we advanced a discussion of the hermeneutics involved in the interpretations we make daily and of our growing propensity to commit Group Attribution Error.

Hermeneutics, a hodge-podge of psychology, sociology, anthropology and philosophy — with a dose of linguistics thrown in for good measure — examines the variables around which we construct and impute meaning to our world. This process is more colloquially known as interpretation theory.