Cybersecurity Roundup: Partnerships, Funding, and Emerging Threats – [March 4, 2026]

A daily op-ed style briefing that distills five high-impact stories shaping the security landscape today. This edition covers identity-first ransomware and AI-assisted attacks, a China-linked APT campaign using living-off-the-land tools and cloud-backed C2, the geopolitical tightening of China’s cybersecurity law and U.S. responses, a verified AI-driven industrial cybersecurity solution for industrial 5G, and a milestone AWS competency for an autonomous security validation partner. Read on for concise coverage of each item, source citations, analysis of implications, a tactical playbook for security leaders, procurement & contract checklists, and a risk register to prioritize action.

Key SEO keywords: cybersecurity, ransomware, identity theft, APT41, Silver Dragon, China cybersecurity law, industrial 5G security, AI-driven cybersecurity, autonomous security validation, Terra Security AWS competency, Cloudflare threat report, Cobalt Strike, Google Drive C2, Siemens Palo Alto partnership, threat intelligence.

Executive summary — the five headlines in one paragraph

1. Identity abuse has eclipsed purely malicious code as the dominant vector for high-impact ransomware and extortion campaigns; stolen credentials and thread-hijacking have become profitably stealthy, accelerated further by generative AI. Source: Cybersecurity Dive.

2. A new campaign attributed to Silver Dragon — assessed under the APT41 umbrella — targets government bodies across Europe and Southeast Asia using Cobalt Strike implants and cloud-based command-and-control via Google Drive. The tradecraft is modular and robust: multiple infection chains, DLL sideloading, and deceptive file-extension signaling. Source: The Hacker News / Check Point report.

3. China’s cyber-sovereignty architecture just tightened further; the amended cybersecurity law increases cross-border data controls and raises compliance pressure on foreign firms. The U.S. is responding with policy and enforcement measures tied to national security concerns — an escalation that will force multinational cyber program resets. Source: Forbes.

4. Siemens and Palo Alto Networks announced a verified, AI-driven cybersecurity solution for Industrial 5G deployments — a rare example of industrial vendor + security vendor co-validated stack aimed at OT/IT convergence. This shows the industry’s push toward certified, domain-specific AI detection at the industrial edge. Source: Siemens press release.

5. Terra Security became the first AWS partner to achieve the new Security Competency for Autonomous Security Validation, signaling rising demand for vendor-certified autonomous testing and validation across cloud environments. This is a commercial cue: autonomous red/blue validation is moving from R&D into procurement checklists. Source: BusinessWire (Terra Security release).

Taken together, these stories signal three large flows this week: (A) identity + AI are reshaping attacker economics; (B) geopolitics and regulation are materially changing cross-border risk and supplier choices; (C) industrial and cloud security are converging around certified, AI-driven, domain-specific stacks. Below I unpack each story, explain the practical implications, and provide prioritized actions for CISOs, procurement leads, security engineers, and board members.

Introduction — why these five stories matter together

From operational risk to strategic procurement, the security landscape is being pulled in two directions simultaneously. On one hand, attackers are optimizing for speed, scale, and covert profit—mass credential abuse, thread hijacking, and AI-assisted phishing make high value theft easier and harder to detect. On the other hand, defenders are responding with deeper partnerships and productization: vendor-validated domain stacks (industrial 5G), cloud competency programs, and autonomous validation tools. Meanwhile geopolitical shifts (e.g., China’s tougher cybersecurity regime) change the rules of the game for international vendors and customers.

This piece gives you:

• Concise summaries and the single-paragraph implications for each story.

• Tactical recommendations you can implement in 24–72 hours and over 90 days.

• Procurement redlines and contract language to use when buying certified stacks or autonomous validation.

• A risk register and board-level KPIs so leadership can prioritize limited resources.

Now let’s examine each story closely.

1) Ransomware is now identity-first — Cloudflare’s warning and the AI angle

What happened

A new Cloudflare threat report — summarized in reporting by Cybersecurity Dive — argues that the modern extortion landscape has shifted: attackers are weaponizing legitimate credentials and trusted workflows far more than bespoke malware. Thread hijacking (entering an ongoing conversation to request money), executive impersonation, credential stuffing and abuse of legitimate third-party tools are now dominant tactics. Cloudflare also warns that generative AI lowers the bar for attackers by enabling rapid, pragmatic exploit development and automated social engineering at scale.

Source: Cybersecurity Dive.

Why this matters

1. Detection paradigms must change. Traditional signature-based and malware-centric detection miss identity abuse and living-off-the-land techniques. If attackers are living in legitimate sessions with legitimate tokens, detection must pivot to behavioral identity telemetry and context-aware anomaly detection.

2. AI amplifies scale and precision. Generative models can craft convincing thread-hijack requests tailored to organization styles, or quickly adapt exploit code to bypass signatures. Attack volume (and thus the probability of a successful small-value extortion) increases.

3. Financially calibrating extortion. Cloudflare called out an industry pattern where attackers seek moderate amounts (e.g., ~$49,000) that are large enough to be profitable but small enough to avoid executive scrutiny—this demonstrates sophisticated economic optimization on the adversary side.

Tactical implications (24–72 hours)

• Tighten privileged access & token hygiene. Rotate high-privilege tokens, enforce short TTLs for service accounts, and mandate MFA on all high-risk accounts. Immediately revoke stale OAuth/grant tokens and review third-party app grants.

• Enable conversation monitoring for finance-related threads. Add heuristics to flag sudden payment requests with altered beneficiaries, unusual urgency, or new external accounts referenced in existing threads. Use contextual rules that require voice verification for transfers above threshold.

• Add AI resistance to phishing training. Tailor phishing simulations to AI-crafted lures and test multi-channel (email + chat) enticement chains. Train staff to verify payment changes via a previously agreed out-of-band channel.

Mid-term (30–90 days)

• Deploy identity-centric detection analytics. Instrument user behavior analytics (UBA/UEBA) with identity risk scoring, lateral movement detection, and risk triage workflows. Integrate with your SOAR to orchestrate token revocation and account lockdowns.

• Protect external conversation channels. Add monitoring and DLP for enterprise collaboration platforms (email, chat, project tools) and set stricter sharing policies for threads involving finance, payroll, and procurement.

• Threat intelligence ingestion for impersonation campaigns. Subscribe to TI feeds that alert about known extortion templates and actor tradecraft, then bake these templates into detection rules.

Long term (6–12 months)

• Zero-trust for human access. Move to conditional access policies that treat user sessions as ephemeral and continuously validate context: device posture, geolocation, IP reputation, and recent activity.

• Invest in synthetic transaction validation. Before executing large or unusual transfers, require an automated multi-factor verification that includes cryptographic attestation where possible.

Tactical checklist & indicators

• Immediate: rotate tokens, enforce MFA, audit app grants.

• Near term: deploy UEBA/identity risk scoring, enable collaboration DLP.

• KPI: reduce unauthorized credential usage dwell time to <2 hours; measure prevented thread-hijack financial loss attempts per quarter.

Why defenders win if they focus on identity and attribution

Attackers thrive on trust. By making trust verifiable and transient—through token hygiene, continuous attestation, and context-aware confirmation—organizations can make identity theft economically unattractive. Malicious code alone will remain significant, but the next major wave of incidents will hinge on identity and social engineering. Source: Cybersecurity Dive.

2) Silver Dragon / APT41 tradecraft: Cobalt Strike, Google Drive C2, and multi-chain infection

What researchers found

Security researchers (Check Point) disclosed a campaign attributed to a group dubbed Silver Dragon and linked to the broader APT41 umbrella. The campaign targets governments primarily in Europe and Southeast Asia, using multiple infection vectors: AppDomain hijacking, service DLL sideloading, and spear-phishing with malicious LNK attachments. The attackers deploy modular loaders (MonikerLoader, BamboLoader) and clearly leverage Cobalt Strike beacons for persistence along with cloud-backed command-and-control over Google Drive. The adversary also uses a file-extension signaling system to indicate task types—an unusual but effective exfiltration technique.

Source: The Hacker News (reporting on Check Point findings).

Why this matters

1. Cloud platforms as stealthy C2. Using Google Drive for C2 buys attackers stealth and blending: legitimate Google traffic is rarely blocked, and many organizations maintain whitelists for such services. That makes detection harder and forensics more complex.

2. Multiple infection chains increase robustness. The adversary’s use of several delivery mechanisms means defenders cannot rely on single mitigations; playbooks must account for diverse persistence techniques.

3. State-aligned capabilities plus criminal playbooks. APT41 has previously displayed both espionage and financially motivated activity; the convergence of espionage tradecraft with extortion economics raises multi-vector risk for governments and corporate targets.

Technical indicators & IOCs (practical)

• Look for Cobalt Strike beacons in network telemetry and unusual PowerShell activity initiated by LNK files.

• Detect anomalous use of Google Drive APIs. Monitor for service account uploads or downloads at odd intervals and for accounts writing disguised extensions (.db, .bak, .pdf used as commands).

• Hunt for DLL sideloading patterns. Monitor for unexpected modules loaded into legitimate processes like taskhost.exe or GameHook.exe.

• Flag AppDomain hijacking footprints. Watch for suspicious use of .NET loaders or memory-only execution patterns consistent with MonikerLoader.

Immediate mitigations (24–72 hours)

• Block or more tightly control Google Drive access for high-risk segments. Apply conditional access and DLP to limit uploads from untrusted devices.

• Upgrade EDR telemetry to detect DLL sideloading. Deploy YARA rules for loader signatures and use process-context monitoring to detect when legitimate processes spawn unusual child processes.

• Harden email & attachment handling. Strip LNK and other risky attachment types at the gateway, or implement isolation/sandboxing for suspicious attachments.

• Rotate and audit service accounts that have automatic access to shared cloud resources.

Mid-term (30–90 days)

• Simulate multi-chain attacks in purple-team exercises. Train detection and response against combined AppDomain, DLL sideloading, and cloud-based C2 to reduce detection gaps.

• Integrate cloud activity into SOC playbooks. Ensure cloud-file service telemetry is high fidelity and integrated into SIEM correlation rules.

• Engage in collaborative intelligence sharing. Share sanitized IOCs with national CSIRTs and ISACs to improve collective detection.

Governance & geopolitical considerations

Given the suspected state linkages and cross-border targeting, public sector entities should coordinate incident response with national CSIRTs and law-enforcement partners. Classification and evidence handling must be done defensibly to preserve future attribution and policy options.

Bottom line

Silver Dragon’s blend of stealth (cloud C2) and modular persistence demonstrates how mature adversaries adapt simple cloud tools into robust C2 channels. Organizations must treat common cloud services as potential threat vectors and instrument them accordingly. Source: The Hacker News / Check Point.

3) China’s tougher cybersecurity law and U.S. responses — a changing regulatory reality

The development

Recent reporting outlines how China’s amended cybersecurity law expands data-sovereignty controls, tightens obligations on foreign firms operating in China (data localization, spot checks, greater inspection rights), and raises the penalties for non-compliance. The U.S. response has included policy and enforcement moves aimed at protecting national security supply chains and reducing dependence on technologies flagged as strategic risks. The net effect: multinational vendors must re-examine cross-border data flows, vendor selection, and contingency planning.

Source: Forbes.

Why this matters for security programs

1. Contractual & operational exposure. Data localization demands and inspection rights may require local protections for source code, cryptographic keys, and telemetry that previously flowed to global SOCs. This raises the risk of IP exposure and complicates global incident response.

2. Supply-chain and procurement strategy must adapt. Organizations using vendors with heavy China presence must reassess supply-chain risk, including potential for forced vendor cooperation with local authorities.

3. Incident response and cross-border coordination is harder. Data subject to local rules may be unavailable to overseas investigators quickly, complicating timelines and forensic integrity.

Practical steps for multinational CISOs

• Map data flows and critical telemetry. Build an exact inventory of what data crosses into/out of China and whether it’s considered critical or subject to localization rules. Use DLP and data mapping tools.

• Design segmented SOC models. Consider a regional SOC model with local detection capability and a global coordination hub that receives redacted telemetry or alerts but not raw data when prohibited.

• Contractual clauses for inspection & source code protection. Where local law may require source code review, negotiate escrow, code review via neutral third parties, or remote read-only inspections with legal protections and IP safeguards.

• Pivot to privacy-preserving tech. Adopt cryptographic approaches such as secure enclaves, homomorphic encryption for analytics where feasible, and federated learning for model training to minimize raw data movement.

Policy outlook and risk posture

Expect further divergence between national regimes. U.S. companies should plan for a higher compliance bill and potentially restricted access to Chinese markets unless they adapt to local requirements. Conversely, China’s moves may accelerate domestic alternatives to Western tech stacks — vendors should be cautious about long-term strategic bets requiring global uniformity.

Tactical checklist (30–90 days)

• Complete a cross-border data flow impact analysis. Identify top-risk data elements and dependent suppliers.

• Negotiate data-residency & inspection SLAs before entering Chinese deployments. Include IP protections and escrow mechanisms.

• Enhance legal readiness: prepare playbooks for emergency legal response in the event of local enforcement actions.

Conclusion

Geopolitical friction is no longer abstract. Security teams must operationalize geopolitical threat modeling, and boards must accept that compliance and national policy are core risk drivers for multinational cybersecurity programs. Source: Forbes.

4) Siemens + Palo Alto: Verified AI-driven industrial 5G security — domain-specific stacks arrive

The announcement

Siemens announced delivery of a verified AI-driven cybersecurity solution tailored for Industrial 5G environments in cooperation with Palo Alto Networks. The solution is aimed at addressing OT/IT convergence and the unique security needs of industrial 5G deployments—low latency, high reliability, and strict safety demands. Siemens emphasized verification and domain adaptation: models and detection tuned for industrial protocols and telecom stacks.

Source: Siemens press release.

Why this is significant

1. Domain adaptation matters. Industrial networks exhibit different telemetry, protocols, and failure modes than enterprise IT. Off-the-shelf enterprise detections often produce noise or miss OT anomalies. Siemens + Palo Alto’s approach signals maturation: domain-specific model training and validation are becoming procurement criteria.

2. Industrial 5G raises stakes. 5G’s low latency and slicing capabilities make new services possible but increase the attack surface for critical infrastructure—compromise can have physical safety implications. Verified AI detection tailored to 5G use cases helps close the gap.

3. Vendor co-validation reduces integration risk. A co-validated stack from a recognized industrial vendor and a security vendor reduces the vendor-integration burden for customers and provides clearer SLAs and support channels.

Procurement & technical considerations

• Ask for domain testbeds and telemetry schemas. Require vendors to show performance metrics on industrial protocols (e.g., Modbus, PROFINET), false positive/negative rates, and time-to-detection in representative environments.

• Demand safety & fail-safe behavior. For OT, detection responses must avoid unsafe automated actions. Confirm that the solution by default alerts humans and provides clear recovery playbooks.

• Clarify verification scope. “Verified” must be defined: what was tested, in which environments, by whom (third-party labs or vendor internal teams), and under what threat models.

Operational guidelines

• Integrate verified detection with OT incident workflows. Map detection outputs to specific OT roles (e.g., ICS operator, shift lead) and ensure that response plans preserve safety and continuity.

• Plan for latency constraints. Industrial 5G and edge inference need low processing delays—benchmark detection latency and ensure edge model acceleration (e.g., hardware inference or near-edge microdata centers).

• Red-team the stack. Conduct adversarial testing against the verified stack to ensure the vendor’s testing aligns with your threat model.

Strategic takeaway

The Siemens + Palo Alto move shows defensive industrial AI is moving toward certified, domain-adapted stacks that reduce the implementation risk for critical infrastructure. For energy, manufacturing, and transport operators, vendor-validated integrations can accelerate adoption—but require careful SLA and verification scrutiny. Source: Siemens press release.

5) Terra Security earns the first AWS Security Competency for Autonomous Security Validation — why this matters for procurement

The milestone

Terra Security announced it’s the first AWS partner to achieve the new Security Competency for Autonomous Security Validation. This competency validates Terra’s autonomous testing capabilities within AWS environments—automated red/blue validation, continuous compliance checks, and autonomous attack simulation at cloud scale. The AWS competency signals both commercial validation and a practical procurement checkpoint for cloud customers looking to buy autonomous validation capabilities.

Source: BusinessWire (Terra Security press release).

Why the competency matters

1. Autonomy scales validation. Autonomous validation automates repetitive testing and provides continuous assurance that security controls behave as expected after changes (config, infrastructure, code). For high-velocity cloud environments, it’s impractical to rely solely on periodic manual pen tests.

2. Vendor competency shortens procurement cycles. An AWS competency reduces the buyer’s integration uncertainty: the partner has demonstrated specific capabilities and alignment with AWS best practices.

3. Operationalizing red/blue at cloud speed. Autonomous validation allows teams to maintain continuous baseline assurance and to detect regressions introduced by CI/CD pipelines quickly.

How to evaluate autonomous validation providers

• Scope & safety controls. Autonomous testing must include safe-mode constraints to avoid unintended disruption. Check for throttles, blast-radius control, and rollback mechanisms.

• Evidence & audit logs. Demand deterministic, exportable validation reports that map tests to control objectives and evidence artifacts (pcap, API call logs, screenshots).

• Integration with CI/CD and ticketing. The platform should automatically open and update tickets with validation failures and integrate with pipeline gating for automated rollbacks or approvals.

Tactical procurement redlines (contract language)

• Non-disruptive guarantee: The vendor must guarantee that autonomous tests will not cause production downtime and must provide an indemnity clause for any proven disruption caused by their testing.

• Exportable evidence & replayability: The vendor must provide replayable evidence of test runs for audit and compliance reviews.

• Third-party validation: Include a clause for annual third-party assessments of the autonomous engine’s safety controls.

Practical next steps (30–90 days)

• Pilot with a scoped environment. Start with non-production or staged environments that mirror production capabilities before moving to production validation.

• Integrate validation into SRE & change control. Use autonomous validation as a gating mechanism in your change management flow.

• Measure drift detection: KPI: mean time to detect (MTTD) misconfigurations introduced by automated deployments should drop by X% after adoption.

Takeaway

Terra’s AWS competency marks a turning point: autonomous validation is transitioning from niche experiments to procurement line items. Security leaders should put autonomous validation pilots on their 90-day roadmap. Source: Terra Security / BusinessWire.

Cross-story synthesis — five macro themes and what they mean for defenders

1. Identity is the new perimeter. With credential abuse and thread-hijacking dominant, zero-trust identity hygiene and continuous attestation are mission-critical. (Cloudflare analysis).

2. Cloud services can be C2—protect them. Attackers use benign channels (Google Drive, collaboration tools) for command and exfiltration; monitoring and conditional access for cloud services are now essential. (Silver Dragon tradecraft).

3. Geopolitics affects operational security. China’s tougher rules materially change data flows, incident response, and vendor selection—security programs must bake geopolitical risk into architecture.

4. Domain-specific AI stacks reduce operational risk—but require evidence. Industrial 5G detection needs domain adaptation and verification; don’t accept generic claims without demonstrable, tested results.

5. Autonomous validation is procurement-ready. Cloud competency programs create useful procurement gates; autonomous validation should be piloted as part of a continuous assurance program.

Tactical playbook — what to implement now, this quarter, and this year

Immediate (next 24–72 hours)

• Rotate high-privilege tokens, enforce MFA, and audit third-party app grants across tenants. (Identity hygiene.)

• Block or heavily restrict unmonitored cloud storage (e.g., Google Drive) for critical user cohorts and require conditional access. (Cloud C2 hardening.)

• Start a procurement review of any vendor that stores telemetry cross-border—map legal and technical mitigations for data residency. (China law readiness.)

Near term (30–90 days)

• Deploy UEBA and identity risk scoring; feed into SOAR to automate token revocations and account lockdowns for high-risk events. (Identity detection program.)

• Run purple-team exercises that simulate cloud-C2 using benign proxies to test detection chains and telemetry integrity. (Adversary emulation.)

• Pilot a verified domain stack where applicable (OT/industrial), demand test metrics and verification artifacts before purchasing. (Industrial 5G security.)

• Launch an autonomous validation pilot with an AWS competent partner or equivalent in your cloud provider ecosystem. (Continuous assurance.)

Strategic (6–12 months)

• Move to a regional SOC model or hybrid model with data redaction where legal barriers prevent raw data movement; invest in federated detection methods. (Geopolitical resilience.)

• Institutionalize vendor verification: require model cards, third-party audits, and testbed results for AI-driven security products. (Procurement governance.)

• Integrate autonomous validation into CI/CD pipelines, with automated rollback or gating for misconfiguration detection. (Continuous security of cloud microservices.)

Procurement redlines & sample contract clauses (practical language you can use)

Use these as starting points in RFPs and SOWs for AI-driven security, industrial stacks, and autonomous validation.

1. Data Residency & Audit Clause: “Vendor warrants that all production telemetry and raw logs required for forensic analysis shall either (a) remain within [designated legal jurisdiction], or (b) be accessible only in aggregated, anonymized form, unless explicit written consent is obtained. Vendor shall provide an auditable log of any data access from outside the jurisdiction within 24 hours.” (Use when China law or other sovereignty issues are relevant.)

2. Verified Performance Clause: “Vendor shall provide third-party verification reports demonstrating detection performance within the Buyer’s domain (industrial/5G) including false positive and false negative rates measured on a representative testbed. Failure to meet threshold metrics shall be grounds for remediation or termination.” (Use for domain-specific AI stacks.)

3. Non-Disruption Warranty for Autonomous Validation: “Autonomous testing agents shall operate within pre-agreed blast radius constraints; Vendor shall indemnify Buyer for any verifiable production disruption caused by vendor’s autonomous validation activities up to $X amount, and provide an immediate rollback and remediation plan.” (Use for autonomous validation pilots.)

4. Cloud Service C2 Monitoring Addendum: “Vendor will integrate cloud storage and collaboration telemetry into the Buyer’s SIEM and implement anomaly detection for usage patterns consistent with C2 (e.g., frequent small uploads, scheduled heartbeats, file-extension signaling).” (Use where cloud C2 risk is high.)

Risk register — ten prioritized risks and mitigations

1. Identity theft & thread-hijacking success (High). Mitigate: MFA, token TTLs, conditional access, human confirmation for payments.

2. Cloud C2 abuse (High). Mitigate: conditional access, monitoring Google Drive API use, DLP for cloud files.

3. Data sovereignty compliance failures (High). Mitigate: data flow mapping, local SOCs, legal playbooks.

4. False positives from industrial AI (Medium). Mitigate: phased rollout, safety-first automated responses, human verification.

5. Autonomous test disruption (Medium). Mitigate: non-production pilots and indemnities.

6. Supply chain & vendor concentration (Medium). Mitigate: multi-vendor strategies and portability clauses.

7. Adversary use of generative AI (High). Mitigate: AI-aware phishing simulations, advanced detection for language and prompts.

8. Regulatory surprises (Medium). Mitigate: legal monitoring and scenario playbooks.

9. Attribution ambiguity for state-linked actors (Medium). Mitigate: evidence preservation, CSIRT coordination.

10. Talent & operational capacity constraints (Medium). Mitigate: automation where safe, targeted hiring, academic partnerships.

Board-level KPIs & executive dashboard (what the board should demand)

• Identity incident dwell time (hours) — target < 4 hours for detection to containment of credential misuse.

• Cloud C2 detection coverage (%) — percent of enterprise accounts with C2 anomaly monitoring.

• Compliance readiness score for top 3 jurisdictions (China, EU, US) — readiness for data localization and inspection.

• Industrial AI false positive rate (%) — tracked for production OT deployments; target < X% defined by pilot metrics.

• Autonomous validation coverage (% of critical workloads) — % of production services under continuous autonomous validation.

Practical playbook for SOCs and IR teams (checklist)

• Daily: token expiration reviews, service account audit, review flagged cloud file uploads.

• Weekly: run tabletop on thread-hijack scenario; test payment verification channels.

• Monthly: purple-team with cloud C2 emulation; update detection rules.

• Quarterly: vendor verification audits (industrial stacks & autonomous validation), legal readiness review for cross-border flows.

Conclusion — the near term narrative and the actions that matter

This week’s briefing brings a clear set of priorities: secure identity aggressively, instrument cloud services as high-risk channels, treat geopolitics as operational risk, insist on domain-adapted verified stacks in industrial contexts, and pilot autonomous validation as part of continuous assurance.

If you act on nothing else in the next 90 days, do these three things:

1. Identity triage: rotate tokens, enforce MFA, and deploy UEBA/identity risk scoring for critical cargos.

2. Cloud hardening: limit unmonitored cloud storage for high-privilege groups and integrate cloud file telemetry into SOC playbooks.

3. Procurement hygiene: require third-party verification and evidence for domain-specific AI stacks and autonomous validators; run a 90-day pilot before full rollouts.

Threats will continue to adapt. Attackers will weaponize AI, living-off-the-land techniques will persist, and geopolitics will raise the bar for safe global operations. But the defenders’ playbook is clear: move identity to the center, instrument the cloud end-to-end, and insist on audited, verified vendor claims. Do that and you will materially reduce your organization’s near-term exposure.

Sources

• Source: Cybersecurity Dive.
• Source: The Hacker News (reporting on Check Point findings).
• Source: Forbes.
• Source: Siemens press release.
• Source: BusinessWire (Terra Security press release).