The Current Landscape of Global AI Regulations
Blog Published: 10/22/2024
Originally published by Truyo.As artificial intelligence (AI) continues to permeate various aspects of our lives, understanding the regulatory frameworks governing its development and application is becoming increasingly important. From the United States to China, different countries are adopting...
Cloud Security Alliance Releases Second Paper Delineating Organizational Responsibilities for Successfully and Ethically Implementing Artificial Intelligence
Press Release Published: 10/22/2024
Paper provides comprehensive, industry-neutral guidelines and best practices for various stakeholders, from CISOs and AI developers to business leaders and policymakersSEATTLE – Oct. 22, 2024 – Driven by the need to address the evolving landscape of Artificial Intelligence (AI) and its associated...
Optimizing Secrets Management to Enhance Security and Reduce Costs
Blog Published: 10/22/2024
Written by Itzik Alvas, Entro Security.Cyber threats are evolving rapidly. Organizations must navigate the delicate balance between robust security measures and cost-efficiency. One critical aspect of this balancing act is Non-Human identities & secrets management; secrets management is how o...
Top Threat #4 - Cloudy with a Chance of Breach: The Cloud Security Strategy Storm
Blog Published: 10/21/2024
Written by CSA’s Top Threats Working Group.In this blog series, we cover the key security challenges from CSA's Top Threats to Cloud Computing 2024. Drawing from the insights of over 500 experts, we'll discuss the 11 top cybersecurity threats, their business impact, and how to tackle them. Whethe...
5 Behaviors for Transforming Your Cybersecurity Leadership
Blog Published: 10/21/2024
Originally published by CXO REvolutionaries.Written by Ben Corll, CISO in Residence, Zscaler.As an enterprise cybersecurity leader, your role is pivotal in safeguarding your organization's assets, data, people, and reputation. You likely have a very capable team to help with each of these tasks, ...
File-Sharing Fraud: Data Reveals 350% Increase in Hard-to-Detect Phishing Trend
Blog Published: 10/21/2024
Originally published by Abnormal Security.Phishing has long remained a favorite strategy among cybercriminals, and as security awareness has evolved, so have their tactics. According to our H2 2024 Email Threat Report, which was released today, phishing makes up nearly 72% of all advanced attacks...
Learn How to Conduct a Cybersecurity Audit for the Cloud with These CSA Training Options
Blog Published: 10/18/2024
As cloud adoption continues to reshape the IT landscape, ensuring cloud environments are secure and compliant is critical. However, a cybersecurity audit specific to cloud computing introduces unique challenges, given the complexities of shared security responsibilities between cloud providers an...
Emulating Cryptomining Attacks: A Deep Dive into Resource Draining with GPU Programming
Blog Published: 10/18/2024
Originally published by Pentera.Cryptomining has surged in popularity, driven by the growing value of cryptocurrencies like Bitcoin and Ethereum. With leaked credentials easier than ever to acquire, attackers are looking for ways to profit, which has led to a rise in malicious cryptomining, or cr...
A Look At Strong Password Practices: A Shield For Your Digital Life
Blog Published: 10/18/2024
Written by Abel E. Molina, Softchoice."An ounce of prevention is worth a pound of cure." - Benjamin FranklinIn the digital age, our lives are intricately tied to the online world, from managing finances to sharing moments with loved ones. Yet, with the convenience of the internet comes a signific...
Navigating Cloud Security: A Shared Responsibility
Blog Published: 10/17/2024
Originally published by CyberArk.Written by Alyssa Miles.Each July, my family and I take a road trip from Kentucky back to my hometown in northwestern Pennsylvania to spend time on Lake Erie. As tradition dictates, we stop along I-71 for coffee at a branch of a certain coffee shop, which also hap...
The EU AI Act: A Roadmap for Trustworthy AI
Blog Published: 10/17/2024
Originally published by Vanta.Written by Herman Errico.As artificial intelligence (AI) continues to revolutionize various sectors, ensuring it is developed and deployed in alignment with ethical standards and fundamental rights is critical for businesses that use it. The European Union's Artifici...
An Overview of Microsoft DPR, Its New AI Requirements, and ISO 42001’s (Potential) Role
Blog Published: 10/16/2024
Originally published by Schellman. Within a few months of their latest update to their Data Protection Requirements (DPR) to address a coding incident (version 9.1), Microsoft released a draft or “pre-read” for their version 10 requirements that will be utilized for its Supplier Security and Pri...
Rowing the Same Direction: 6 Tips for Stronger IT and Security Collaboration
Blog Published: 10/16/2024
Originally published by Dazz.The Olympians make it look easy, but make no mistake: rowing is a more difficult sport than meets the eye. Changing conditions in the water and weather, exhaustion, and even a head tilt in the wrong direction can send the boat off course or cause the team to lose time...
How to Leverage Automation Tools to Streamline Your Next Compliance Audit: 3 Tips for Security Teams
Blog Published: 10/16/2024
Originally published by BARR Advisory.Compliance automation tools are designed to assist organizations in streamlining the rigorous demands of cybersecurity frameworks such as SOC 2, ISO 27001, and HITRUST. These platforms can help address the heavy lifting involved in preparing, undergoing, and ...
The Need for Continuous Assurance and Compliance Automation
Blog Published: 10/15/2024
A lot is said about “trust” in our industry, but trust is really a means to an end. For an organization, that “end” is the accomplishment of its mission. To achieve its mission, an organization must have healthy interactions with internal and external actors. Therefore, in this context, trust mea...
Unleashing the Power of Managed Endpoint Security: Crafting Effective SD-WAN and SASE Strategies
Blog Published: 10/15/2024
Written by Andrew Winney, General Manager and Global Head of SASE Business, Tata Communications.Originally published on CXOtoday.In today's digitally connected world, businesses face unprecedented challenges in securing their expanding network of endpoints. As Distributed Enterprises embrace remo...
AI and ML for Adopting, Implementing, and Maturing Zero Trust Network Access
Blog Published: 10/15/2024
Originally published by CXO REvolutionaries.Written by Ben Corll, CISO in Residence, Zscaler.In today's evolving cyber threat landscape, traditional network security models are increasingly inadequate. More robust and dynamic security paradigms like zero trust network access (ZTNA) are needed. As...
App-Specific Passwords: Origins, Functionality, Security Risks and Mitigation
Blog Published: 10/11/2024
Originally published by Astrix on August 14, 2024.Written by Tomer Yahalom.Google announced it will terminate support for Less Secure Apps (LSAs) on September 30, which presents a great opportunity to dive into their evolution – App-Specific Passwords, and the security concerns that still remain....
Reflections on NIST Symposium in September 2024, Part 2
Blog Published: 10/10/2024
Written by Ken Huang, CEO of DistributedApps.ai and VP of Research at CSA GCR.1. Introduction and Background On September 24, 2024, I had the privilege of attending the NIST symposium "Unleashing AI Innovation, Enabling Trust." This event brought together leading experts, policymakers, and ind...
To Secure the AI Attack Surface, Start with Fundamental Cyber Hygiene
Blog Published: 10/10/2024
Originally published by Tenable. Written by Lucas Tamagna-Darr. Confusion and unknowns abound regarding the risks of AI applications. Many vendors are offering solutions to AI application security problems that aren't clearly defined. Here we explain that to boost AI application security and to ...
