We all know what a traditional phishing scam is, where a cyber-criminal sends a fraudulent email to their victim in a bid to trick them into sharing sensitive information or downloading malware.  Phishing scams are so widespread that most email providers have now installed impressive features that block standard phishing emails. However, just because email […]

Over the weekend, the US-founded communications company, Twilio, disclosed that it suffered a data breach, after some of its employees fell for a sophisticated phishing scam. Below, we’ll give you an overview of the security incident: what happened, who was impacted and how you can prevent the same thing happening in your organisation. Quick background: […]

On top of this, frameworks like ISO 27001 and SOC 2 are fast becoming expectations for companies that supply goods and/or services to other organizations.  With so much to consider, many compliance and security leaders may feel like they’re fighting an uphill battle. For all their efforts to meet compliance demands, they’re always a step […]

What is UEBA? UEBA is an acronym for User and Entity Behavior Analytics. This breed of security solution harnesses the power of technologies like machine learning and artificial intelligence to monitor your users’ behavior for signs of compromise.  Essentially, UEBA solutions analyze your users and other entities – like endpoints and routers – to create […]

The California Consumer Privacy Act (“CCPA”) came into force in 2020 and, since then, plenty of organizations have received notifications from the California attorney general about their data security practices.  In this blog, we’ll take a look through some of the most recent enforcements, so that your company can make sure it doesn’t fall into […]

A couple of months ago, we wrote about CMMC 2.0, the second iteration of the Department of Defense’s Cybersecurity Maturity Model Certification. The revamped CMMC 2.0 is meant to be easier to implement for small and medium-sized businesses, so that contractors and suppliers of all sizes are able to meet the DOD’s cybersecurity requirements.  If […]

Great resignation and the upcoming recession is creating large employee turnover that puts company data at risk of theft and loss.

Cloud account hijacking is a serious problem for companies across sectors. 86% of IT leaders said this form of cybercrime cost them more than $500k last year. 

The cloud and SaaS present a new frontier for risk. SaaS DLP will make all the difference in controlling this risk and avoiding issues

IT departments have long struggled with trying to get a handle on shadow IT. How can MSPs and MSSPs help their customers with shadow IT?

Cloud security is all about using solutions, processes and security controls to keep cloud environments secure from data loss or exposure