Collaborate Disseminate
Remember when managing user accounts was your biggest headache? Those were simpler times. Today, we’re drowning in a sea of machine identities, and it’s time to learn how to swim – or risk going under. In the ever-expanding universe of hybr… Continue reading Beyond human IAM: The rising tide of machine identities
Infrastructure as Code (IaC) has become a widely adopted practice in modern DevOps, automating the management and provisioning of technology infrastructure through machine-readable definition files. What can we to do make IaC secure by default? Securit… Continue reading How to make Infrastructure as Code secure by default
Healthcare institutions are custodians of vast repositories of sensitive patient data, encompassing comprehensive health histories, insurance profiles, and billing data. The ramifications of a data breach often extend far beyond the immediate task of p… Continue reading Cybersecurity is a fundamental component of patient care and safety
Crashes due to faulty updates are nothing new; in fact, one reason IT teams often delay updates is their unreliability and tendency to disrupt the organization’s day-to-day operations. Zero-days are also an old phenomenon. In the past, due to a lack of… Continue reading Tech stack uniformity has become a systemic vulnerability
Cybercriminals are beginning to take advantage of the new malicious options that large language models (LLMs) offer them. LLMs make it possible to upload documents with hidden instructions that are executed by connected system components. This is a boo… Continue reading AI cybersecurity needs to be as multi-layered as the system it’s protecting
I asked for a calm August 2024 Patch Tuesday in last month’s forecast article and that came to pass. The updates released were limited to the regular operating systems and all forms of Office applications. Six zero-day vulnerabilities were announced, w… Continue reading September 2024 Patch Tuesday forecast: Downgrade is the new exploit
Businesses run on SaaS solutions: nearly every business function relies on multiple cloud-based tech platforms and collaborative work tools like Slack, Google Workspace apps, Jira, Zendesk and others. We recently surveyed security leaders and CISOs on … Continue reading Human firewalls are essential to keeping SaaS environments safe
Organizations’ preparedness and resilience against threats isn’t keeping pace with cybercriminals’ advancements. Some CEOs still believe that cybersecurity requires episodic intervention rather than ongoing attention. That isn’t the reality for many co… Continue reading How to gamify cybersecurity preparedness
Continuous threat exposure management (CTEM) – a concept introduced by Gartner – monitors cybersecurity threats continuously rather than intermittently. This five-stage framework (scoping, discovery, prioritization, validation, and mobiliza… Continue reading Managing low-code/no-code security risks
Version 4.0.1 of the Payment Card Industry Data Security Standard (PCI DSS), which came into effect back in April, incorporates a few important changes to make it fit for the modern digital world, addressing how technologies, the threat landscape and p… Continue reading Complying with PCI DSS requirements by 2025