Collaborate Disseminate
While moving to the cloud increases efficiency and business agility, security strategies haven’t been adapted to account for this shift and traditional tools can’t effectively manage the unique associated risks. CISOs that ignore the risks are left com… Continue reading It only takes one over-privileged identity to do major damage to a cloud
In today’s data-driven world, the expectations and demands faced by many organizations worldwide are reaching unseen levels. To meet the challenge, a data-driven approach is necessary, with effective digital transformation needed to improve operational… Continue reading Foiling intellectual property theft in a digital-first world
Enterprises looking to modernize their APIs are increasingly switching from the REST architecture to the open-source data query and manipulation language GraphQL. While the transition makes sense – GraphQL is more flexible, scalable, and easier f… Continue reading The top security threats to GraphQL APIs and how to address them
Understanding why ChatGPT is garnering so much attention takes a bit of background. Up until recently, AI models have been quite “dumb”: they could only respond to specific tasks when trained on a large dataset providing context on what to find. But, o… Continue reading ChatGPT is bringing advancements and challenges for cybersecurity
Despite economic volatility and tighter budgets, adoption of software as a service (SaaS) continues to increase. Gartner forecasts a 16.8% growth for SaaS in 2023 as companies – including SMBs – add new SaaS platforms to their IT stack. Thi… Continue reading Four steps SMBs can take to close SaaS security gaps
Cloud environments and application connectivity have become a critical part of many organizations’ digital transformation initiatives. In fact, nearly 40% of North American and European-based enterprises adopted industry-specific cloud platforms in 202… Continue reading Application and cloud security is a shared responsibility
Another year of high-profile cyberattacks, another year of beating the cybersecurity drums. Clearly, we’re missing a few notes. Attack surface management (ASM) is a make or break for organizations, but before we get to the usual list of best practices,… Continue reading Attack surface management (ASM) is not limited to the surface
There is a definite trend of MSPs shifting into security. There are a number of very good reasons for this, including the fact that other services traditionally offered are becoming commoditized, as well as the increasing threat that SMEs and SMBs are … Continue reading The risks and benefits of starting a vCISO practice
Recently, I was asked to imagine that I had been granted an hour with top officials at the Cybersecurity and Infrastructure Security Agency (CISA) – what advice would I offer to help it have an even bigger impact in 2023 and beyond? It was only i… Continue reading Steps CISA should take in 2023
The concept of zero trust – as a way to improve the security of and access to an organization’s network, systems, and data – has gained traction in recent years. The basic premise is that no user or device should be trusted by default… Continue reading Reimagining zero trust for modern SaaS