Today, open-source code is everywhere. In fact, 99% of all codebases contain open-source code, and anywhere from 85% to 97% of enterprise codebases come from open-source. What does that mean, exactly? It means that the vast majority of our applications consist of code we did not write.
Someone of a cynical persuasion may think it was only a matter of time until ‘outsourcing’ came to the cybercrime business. While this inevitability may be debatable, the early success of the model certainly isn’t.
The SolarWinds cyber compromise makes Cyber Tactics’ columnist John McClurg reflect and rethink about nation-state adversaries, insider threats, spearphising, AI-machine-powered learning, crimeware-as-a-service and much more. Here, he takes a look at what risks persist within organizations and potential consequences.
Threat actors who phish see themselves as businesspeople, even if that business is illegal. They’re always seeking ways to maximize their profits, and with phishing, they know they can do that by better tailoring the email lure to resonate with the intended recipient.
A recent ISC² Cybersecurity Workforce Study placed the resource gap worldwide at 4.07 million professionals. The challenges we face when grappling with that gap are myriad and are exacerbated by the security paradigm to which we may have historically pledged allegiance.
Hermeneutics, a hodge-podge of psychology, sociology, anthropology and philosophy — with a dose of linguistics thrown in for good measure — examines the variables around which we construct and impute meaning to our world. This process is more colloquially known as interpretation theory.
Flashback to 2004 and the genesis of National Cybersecurity Awareness Month (NCSAM), an initiative created to raise awareness in the U.S. around the importance of cybersecurity. Founded by the National Cyber Security Division within the Department of Homeland Security and the nonprofit National Cyber Security Alliance, NCSAM has taken place each October, since its mid-aughts inception, in efforts to ensure all Americans have knowledge of the resources and tools they need to be safer and more secure online.
The path to securing the remote workforce should be seamless and experienced as a hassle-free balance between safety and a quality user-experience. It is pivotal to implement appropriate security practices, as inadequate measures can lead to unmanaged risks and the endangerment of corporate systems, data and employees.