What the security community says about a specific industry vertical usually holds true for a good percentage of what is seen in the wild. You can ask any hacker, defender, CISO, etc. which industries struggle the most, and there are common themes in their answers. Top of the list are healthcare, manufacturing, government, and financial. Some of the most heavily compliance-controlled and regulated industries are also some of the least secure. Why is this? Is it due to administrators and senior management taking compliance standards as gospel? Maybe it’s a lack of knowledgeable staff, like the blind leading the blind.
Amanda Berlin
Recent Posts
HIPAA vs Security: Building security into medical purchasing decisions
Topics: Information Security, Compliance, Healthcare, HIPAA
Spectre & Meltdown: Important Vulnerability Advisory
Topics: Ethical Hacking, Threat Management, Threat Advisory
Where to start with Data Loss Protection
DLP, or Data Loss Protection, is a strategy for ensuring that end users or malicious actors do not send sensitive or critical information outside the corporate network, either maliciously or accidentally. A DLP strategy should only be introduced within organizations that already have a mature security infrastructure.
Equifax breach: A learning opportunity to get ahead of the constant threats
If you haven’t heard already, Equifax, one of the “big-three” U.S. credit bureaus, has announced a data breach that may have affected 143 million Americans, including consumer Social Security numbers, birth dates, addresses and some driver’s license numbers. For a good rundown of what has transpired so far, Krebs on Security has a solid in-depth article on it. Every time there is a breach in the news, most other outlets swarm to a few different types of articles. Some popular directions are attribution, defense advice, or sensationalist journalism.
Topics: Managed Detection & Response, Ethical Hacking, Information Security, Threat Advisory