Welcome reader to your CybersecurityHQ report.

Headlines

Drug distributor Cencora, a partner of Bayer and many other major US drug manufacturers, was struck by a data breach in February, compromising client health information. Though we don’t yet know how many were affected, we know that exfiltrated data includes full name, address, date of birth, medical diagnoses, and prescriptions.

To mitigate the potential damage, they are offering exposed individuals 24 months of free credit monitory and identity theft protection. This comes just one year after Cencora paid out a settlement for a lawsuit claiming the company contributed to the opioid crisis.

Since announcing its new Recall feature, Microsoft continues to find itself in hot water with security professionals and privacy advocates. The new AI-power feature is meant to allow users to find whatever they’ve seen on their PC by recording activity. Periodic screen captures are analyzed and stored, allowing the user to ask for them using natural language.

While the company has made many assurances about the security of the feature, many remain skeptical that Microsoft can make guarantees. One of the most important objections comes from the UK’s Information Commissioner’s Office, which released a statement noting the risks they see with the tool.

Averlon is a company using AI to discover weaknesses in cloud security, and it just raised $8 million in seed funding — bringing its total to $10.5 million. The company comes with a pedigree in Salesforce and Microsoft cybersecurity, which helped earn attention from Voyager Capital, Outpost Ventures, Salesforce Ventures, and angel investors.

Describing the product, Averlon co-founder and CEO Sunil Gottumukkala said, “Security teams are bombarded with daily alerts, often leading to a reactive security posture where they are playing catch-up or unsure where to focus. Averlon solves this challenge, providing customers with a holistic way to understand, predict, and prevent cloud security attacks.”

Interesting Read

A new survey by ConductorOne is definitely worth a browse, offering up a report that sheds light on how 500 IT and security professionals are thinking about identity security and access management.

The complexity of systems is a major issue. Many companies are now using extremely intricate and interlocking digital tools, which all come with their own risks and exposures — and often a whole new set of credentials. That’s probably why 77% of respondents admitted to having an identity-based security incident over the past year.

Employment Tip: Set Clear Goals for Yourself

Advancing a cybersecurity career requires setting clear and achievable goals. Identifying the certifications you want to get, the networking events you plan to attend, or the kind of work you want to move into are all great places to start. Of course, you will always need to be flexible in your goals, especially in a realm as mercurial as cybersecurity.

For the latest openings in cybersecurity careers, check CybersecurityHQ.

Stay Safe, Stay Secure.

The CybersecurityHQ Team