State of Insider Threats in the Digital Workplace REPORT 2019

whitePaper | February 16, 2023

There are three key elements in the world of Internet of Things cyber security. Standards are created in order to harmonize a common set of requirements. Regulations are created in order to incentivize manufacturers to adopt cybersecurity hygiene practices so as to protect societies and increase their cyber-resilience. Labels are created in order to provide visibility to consumers.

whitePaper | February 11, 2023

Higher-education institutions are experiencing a high volume of cyberattacks and greater vulnerability to threats. Today’s educational technology environments connect a variety of endpoints—laptops, desktops, student management data, and email servers. They use Internet-of-Things (IoT) devices for managing environmental controls, security cameras, and door alarms. Both ends of the education spectrum gather, store, and use personal data from students and staff—and if they collect it, they must also protect it. As a result, schools need dedicated, skilled, and experienced executive leadership that is empowered, resourced, and responsible for campuswide cybersecurity issues.

whitePaper | October 6, 2022

Sophos' annual study of the real-world ransomware experiences of IT professionals in the manufacturing and production sector has revealed an ever more challenging attack environment. Together with the growing financial and operational burden ransomware places on its victims, it also shines new light on the relationship between ransomware and cyber insurance - including how insurance drives changes to cyber defenses.

whitePaper | June 15, 2022

There’s an old saying, “How do you eat an elephant? One bite at a time.” In some cases, the task of technology modernization is akin to eating an elephant. Government agencies are filled with legacy applications, many of which have been heavily customized over decades of operation.

whitePaper | June 16, 2023

Good cloud security hygiene starts with complete visibility into the security and compliance posture of every resource you deploy into your cloud. It’s one thing to achieve this visibility in a single cloud environment—you can lean heavily on the native monitoring and auditing tools of your cloud provider, using third-party solutions to fill in gaps (e.g., threat detection)—but in a multi-cloud architecture, maintaining robust cloud security posture becomes exponentially more complex. It is much more difficult to achieve centralized visibility as well as consistently enforce policies and compliance rules within a multi-cloud environment. It’s also more complicated to detect threats and fix vulnerabilities quickly due to the sheer complexity of threats across distributed, multilayered architectures. You can address these challenges, though—and you need to, if you want to take advantage of multi-cloud architecture without compromising on security.

whitePaper | December 15, 2022

Applications are the backbone of modern business and must be protected. Yet, most organizations have an underserved attack vector — malicious files uploaded to their custom business applications. If internal, external, or third-party files contain malware, they pose a large risk as they traverse through an organization and are stored in local or cloud repositories. Public file sharing platforms are another area where malicious file uploads can cause widespread damage.