June 2023 Patch Tuesday forecast: Don’t forget about Apple

The odd month-to-month pattern of CVEs addressed by Microsoft continued with the May Patch Tuesday. After seeing high numbers for April, we saw 20 and 23 CVEs fixed for Windows 11 and 10, respectively, in May. And after 62 CVEs were fixed for Server 20…

AI: Interpreting regulation and implementing good practice

Businesses have been using artificial intelligence for years, and while machine learning (ML) models have often been taken from open-source repositories and built into business-specific systems, model provenance and assurance have not always necessaril…

How to make developers love security

In my last post I discussed how developers can be your security secret weapon… but how to help them love doing security work? That’s a whole other challenge! Stories of the tension between developers and security teams are a longstanding feature of the…

Leveraging large language models (LLMs) for corporate security and privacy

“Once a new technology rolls over you, if you’re not part of the steamroller, you’re part of the road.” – Stewart Brand

The digital world is vast and ever-evolving, and central to this evolution are large language models (…

Surveilling your employees? You could be putting your company at risk of attack

Are you watching your employees? Though the question may incite thoughts of “Big Brother” and an all-seeing or all-knowing entity, it isn’t quite as ominous as you might think. Employee productivity surveillance technology, or EPST, often tracks …

How defense contractors can move from cybersecurity to cyber resilience

As the world’s most powerful military and economic power, the United States also holds another, less impressive distinction: Cyber threat actors target the US more than any other country in the world. In 2022 alone, the FBI received more than 800,000 c…

Why organizations should adopt a cloud cybersecurity framework

The cloud is the future of enterprise architecture. It’s economical (to a degree), it’s scalable, it’s flexible and – best of all – it’s someone else’s responsibility. Again, to a point. That’s because the cloud comes with its own set of se…

The essence of OT security: A proactive guide to achieving CISA’s Cybersecurity Performance Goals

The widespread adoption of remote and hybrid working practices in recent years has brought numerous benefits to various industries, but has also introduced new cyber threats, particularly in the critical infrastructure sector. These threats extend not …

How to avoid shadow AI in your SOC

Samsung’s recent discovery that employees had uploaded sensitive code to ChatGPT should serve as a reminder for security leaders to tread carefully when it comes to integrating new artificial intelligence tools throughout their organizations. Shadow AI…

7 access management challenges during M&A

Integrating an acquired company into a single organization is a daunting task that can take weeks, months, or even years to complete. To have a successful conclusion to the mergers and acquisitions (M&As) process, identity and access management (I…