Data security breaches

Get the latest information on enterprise security data breaches. Learn about data breach laws and regulations, best practices for data breach notification and response plans, the risks of exposed corporate data and personally identifiable information.

May 12, 2021 12 May'21
Funding is key to strengthening national cybersecurity

In the wake of the Colonial Pipeline ransomware attack, national cybersecurity experts make the case for additional funding during a Senate hearing.
May 05, 2021 05 May'21
Twilio discloses breach caused by Codecov supply chain hack

Twilio utilizes Codecov tools including the previously compromised Bash Uploader script. It said that a "small number" of customer emails were potentially exposed.
April 28, 2021 28 Apr'21
Codecov breach raises concerns about software supply chain

So far, only HashiCorp has disclosed a breach connected to the attack on Codecov, but threat researchers have drawn parallels to the SolarWinds supply chain attacks.
April 27, 2021 27 Apr'21
Rise in ransom payments may fuel more dangerous attacks

A new report from Coveware found that ransom payments increased significantly in Q1 this year, as did ransomware actors' use of software vulnerabilities in attacks.

Bring yourself up to speed with our introductory content

industrial espionage

Industrial espionage is the covert, and sometimes illegal, practice of investigating competitors to gain a business advantage. Continue Reading
data breach

A data breach is a cyber attack in which sensitive, confidential or otherwise protected data has been accessed and/or disclosed in an unauthorized fashion. Continue Reading
information security (infosec)

Information security, often shortened to infosec, is the practice, policies and principles to protect data and other kinds of information. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Can a new DHS cybersecurity strategy help the private sector?

The U.S. Department of Homeland Security outlines federal plans to improve public and private cybersecurity, but analysts advise caution over strategies that can't be mandated. Continue Reading
Ransomware attack case study: Recovery can be painful

Even with full backups and no permanent data loss, recovering from ransomware can be expensive and painful, as evidenced in this ransomware attack case study. Continue Reading
Malware researcher speculates on the future of ransomware

Abhijit Mohanta, author of 'Preventing Ransomware,' opines on the future of ransomware and discusses why this attack is favored among cybercriminals. Continue Reading

Learn to apply best practices and optimize your operations.

Companies must train their SOC teams well to prevent breaches

SOC teams can have all the latest and greatest cybersecurity tools, but unless they have the proper training, it won't be enough to mitigate an attack. Continue Reading
How to manage third-party risk in the supply chain

From third-party risk assessments to multifactor authentication, follow these steps to ensure suppliers don't end up being your enterprise cybersecurity strategy's weakest link. Continue Reading
How to prevent supply chain attacks: Tips for suppliers

Every company, large and small, must assume it is a target in the supply chain. Suppliers should follow these best practices to keep themselves and their customers protected. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Explore 5 business email compromise examples to learn from

Gift cards are for gifts, never for payment. Explore real-world examples of business email compromise to learn common attack patterns and red flags. Continue Reading
How do cybercriminals steal credit card information?

Cybercriminals have several methods at their disposal to hack and exploit credit card information. Learn about these, how to prevent them and what to do when hacked. Continue Reading
5 cybersecurity lessons from the SolarWinds breach

Ransomware attack simulations, accessing enterprise logs and pen testing software code are among the best practices cybersecurity pros suggest following the SolarWinds breach. Continue Reading