Collaborate Disseminate
Security analysts face the demanding task of investigating and resolving increasing volumes of alerts daily, while adapting to an ever-changing threat landscape and keeping up with new technology. To complicate matters further, the cybersecurity workfo… Continue reading The warning signs for security analyst burnout and ways to prevent
Excessive privileges are a continuing headache for security professionals. As more organizations migrate assets to the cloud, users with excessive permissions can expand the blast radius of an attack, leaving organizations open to all sorts of maliciou… Continue reading Using just-in-time access to reduce cloud security risk
Generative AI has captured the imagination of millions worldwide, largely driven by the recent success of ChatGPT, the text-generation chatbot. Our new research showed that globally, 67% of consumers have heard of generative AI technologies, and in som… Continue reading The double-edged sword of generative AI
Are we moving too fast with AI? This is a central question both inside and outside the tech industry, given the recent tsunami of attention paid to ChatGPT and other generative AI tools. Nearly all tech companies are moving to incorporate AI into their… Continue reading Generative AI and security: Balancing performance and risk
In just under a year’s time, organizations will have had to comply with several new requirements under version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS). About PCI DSS PCI DSS comprises 12 requirements to protect payment card da… Continue reading Are you ready for PCI DSS 4.0?
As digital transformation revolutionizes the healthcare industry, its use of API (application programming interfaces) technology is skyrocketing. APIs, which help users and apps interact and exchange information, are essential tools for healthcare syst… Continue reading The silent killers in digital healthcare
More than ever, organizations are relying on third parties to streamline operations, scale their business, expand and leverage expertise, and reduce costs. In the complex and fast-moving world of cybersecurity-meets-regulations, working with third part… Continue reading A third-party’s perspective on third-party InfoSec risk management
There was a time, not too long ago, when most IT leaders believed shadow IT was a negligible element in their companies. They felt their IT organizations were so in control of what applications were purchased and who was granted access and that minimal… Continue reading The staying power of shadow IT, and how to combat risks related to it
Too many people have access to company data they don’t need. Also, too many companies focus on authentication (verifying identity) as a security measure and overlook the importance of authorization (verifying right to access). While it’s im… Continue reading The biggest data security blind spot: Authorization
Mention IT security, and most people immediately think of software-based protections against software-based threats: ransomware, viruses, and other forms of malware. But recognition of the importance of hardware security—upon which all software securit… Continue reading Security beyond software: The open source hardware security evolution