Blog

By Eric Corcoran, Posted in Technology Week in Review

Monday 4/7 The Expanding Attack Surface: How One Determined Attacker Thrives in Today’s Evolving Digital Workplace (Proofpoint) While email remains the primary threat vector, cybercriminals are exploiting new channels like messaging collaboration platforms, cloud apps and file-sharing services. This has created a fragmented security landscape with disconnected point products, resulting in higher operational costs, and increasing security gaps. https://www.proofpoint.com/us/blog/email-and-cloud-thre... read more.

• April 11, 2025

By Ken Phelan, Posted in Security

I spent some time with the CrowdStrike team last month going through their annual Global Threat Report. If you haven’t seen it, please do. This should be required reading for every cyber operator - https://go.crowdstrike.com/2025-global-threat-report.html 79 is the percentage of breaches that occurred without malware. Hence the much-used quote, “hackers don’t break in, they log in.” For years a quick explanation of cyber-attacks read as follows: Software has vulnerabilities. Ha... read more.

• April 10, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 3/31 What is a Data Poisoning Attack? (Snyk) Data poisoning is a sophisticated adversarial attack designed to manipulate the information used in training artificial intelligence (AI) models. By injecting deceptive or corrupt data, attackers can hurt model performance, introduce biases, or even create security vulnerabilities.  https://snyk.io/blog/what-is-a-data-poisoning-attack/ Microsoft to Start Enforcing New Outbound Email Limits (Proofpoint) Microsoft has consistently made it clear tha... read more.

• April 04, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 3/24 Lurking Threats in Post-Authentication Sessions (CyberArk) MFA is critical, but it’s not enough. Attackers are no longer breaking in; they’re logging in—by taking over valid sessions. Organizations need to rethink identity security beyond just authentication. https://www.cyberark.com/resources/blog/lurking-threats-in-post-authentication-sessions Inside a Scammer’s Toolbox: Common Tools, Tactics and Technologies (Bitdefender) Over the last decade, digitalization, soci... read more.

• March 28, 2025

By Ed Bratter, Posted in Infrastructure

One benefit to Microsoft 365 is the ability to share data and collaborate with partners, customers, vendors and users who are external to your tenant. This benefit, however, can be a scary endeavor as information can be inadvertently exposed to outside entities. Couple this with the fact that tenants by default allow users to share data with outside individuals. Equally concerning is that configuring external collaboration can be complicated because there are multiple options available and there are many ad... read more.

• March 27, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 3/17 Beyond the Cloud | How Edge Computing is Unlocking IoT’s Full Potential (Check Point) As more devices come online, relying solely on cloud computing can lead to slow response times, high bandwidth costs and security risks. The traditional cloud-based infrastructure struggles to keep up with the demands of real-time data processing, low latency, and proactive, preventative security. https://blog.checkpoint.com/innovation/how-edge-computing-is-unlocking-iots-full-potential/ The Urgent Re... read more.

• March 21, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 3/10 ICYMI: On March 6, 2025, Gotham's CTO, Ken Phelan, was joined by LogSeam's CEO and Co-founder, Daniel Wiley, to discuss cost effective strategies for managing cyber and compliance data. Click the link below for the full video. https://youtu.be/dKopbMqIkrE Key Takeaways from the 2025 State of AI in the Cloud Report (Wiz) AI is revolutionary technology, but its widespread adoption raises necessary questions about governance, security, and risk. The DeepSeek data exposure incident underscores... read more.

• March 14, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 3/3 New Proofpoint Innovations That Help You to Defend Data and Mitigate Insider Risks (Proofpoint) Keeping data safe is more than just enforcing policies in a reactive manner—it’s about knowing where the risks come from and being proactive. Proofpoint Data Security helps organizations discover, classify and protect data. https://www.proofpoint.com/us/blog/information-protection/innovations-to-data-security-insider-risk-mitigation Identity Verification Trends in 2025 … and Beyo... read more.

• March 07, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 2/24 2025 State of Code Security: Key Trends and Risks (Wiz) The data is clear: unmanaged risks in code and version control systems present significant challenges for the modern enterprise. From alarming levels of secrets exposure to insecure CI/CD workflows, these vulnerabilities jeopardize production environments.  https://www.wiz.io/blog/state-of-code-security-report-2025 Proofpoint Research: 2024 Account Takeover Statistics (Proofpoint) Attackers’ focus on compromising accounts is... read more.

• February 28, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 2/17 The Role of Runtime Security in Cloud Environments (Wiz) As cloud adoption accelerates, security teams must protect dynamic, cloud-native environments that include containers, serverless functions, and virtual machines (VMs). Runtime cloud security refers to the continuous monitoring and protection of workloads while they are actively running in production environments.  https://www.wiz.io/blog/the-role-of-runtime-security-in-cloud-environments Why Data Tiering is Critical for Modern Se... read more.

• February 21, 2025