Mark Allers

Cimcor Blog

The lines between IT security and IT operations are blurring—and for good reasons. Historically, these functions operated in silos: operations focused on performance, uptime and infrastructure health, while security zeroed in on threats, vulnerabilities, and compliance. But today, in an era of speed, complexity, and constant threats, these teams have ... Read More

Cybersecurity tools have evolved significantly over the years, yet organizations are still experiencing devastating breaches at an alarming rate. High-profile cyberattacks continue to dominate headlines, raising the question: If companies are investing heavily in security tools like endpoint protection (EPP), security information and event management (SIEM), vulnerability management (VM), and ... Read More

The cybersecurity landscape is accelerating in complexity and scale. While cybersecurity spending has grown at a Compound Annual Growth Rate (CAGR) of approximately 10% over the past decade, the CAGR for breaches has surged to an alarming 34%, and the lines are diverging. This highlights three severe problems: ... Read More

The Digital Operational Resilience Act (DORA) - Regulation (EU) 2022/2554 has established strict guidelines for financial institutions to bolster digital resilience and protect against cybersecurity risks. Compliance with DORA mandates implementing a rigorous Information and Communication Technology (ICT) risk management framework, ensuring data security, and setting up robust incident response ... Read More

As organizations prioritize IT security and efficiency, the concept of "shifting left" has gained momentum across both security and service management. Traditionally, many IT security and IT Service Management (ITSM) practices have focused on reactive measures—identifying and remediating issues after they arise post-event. However, with the rapid shift toward DevSecOps ... Read More

Securing IT infrastructure is a continual journey for every security team. A resilient infrastructure enables organizations to not only defend against modern cyber threats but also to quickly recover from attacks or system failures. Building and maintaining such an infrastructure is an iterative and predictable process that relies on solid ... Read More

The CPS 234 Information Standard, established by the Australian Prudential Regulation Authority (APRA), mandates that organizations in the financial and insurance industries bolster their information security frameworks to safeguard themselves and their customers from the growing threat of cyber attacks.  ... Read More

In today's complex and interconnected digital world, the importance of robust cybersecurity measures for banks cannot be overstated. For financial institutions operating in Australia, adherence to the Australian Prudential Regulation Authority's (APRA) CPS 234 regulation is a critical component of their cybersecurity framework. CPS 234 mandates that all APRA-regulated entities ... Read More

The Department of Defense's (DoD) approach to Zero Trust leverages automation and analytics using tailored controls to address risk. In part two of our series on the DoD's Zero Trust security model, we continue to explore the crucial framework for defending against modern cyber threats.  ... Read More

Staying ahead of threats is paramount in cybersecurity. With increasingly sophisticated and frequent cyberattacks, organizations need robust frameworks to safeguard their digital assets effectively. The National Institute of Standards and Technology (NIST) provides one crucial guideline in Special Publication 800-172.  ... Read More