Why Compliance Doesn’t Equal Security
Blog Published: 08/18/2023
Originally published by BARR Advisory. Written by Devin Olsen, Associate Consultant, Attest Services, BARR Advisory. One of the worst mistakes a business leader can make is believing that compliance equals security.There are many examples of this, but the most egregious often relate to password r...
Proactive Threat Hunting with Anomaly Detection in the Cloud
Blog Published: 08/18/2023
Originally published by Uptycs. Written by Laura Kenner. As our systems increasingly shift towards the cloud, security strategies must evolve to protect these novel environments. Traditional security approaches may not apply or function optimally in the cloud's unique landscape.Craig Chamberlain,...
Ephemeral Cloud Access: Unlocking Seamlessly Integrated Innovations in Multi-Cloud IAM
Blog Published: 08/17/2023
Originally published by Britive.In the present landscape of cloud operations, businesses are expanding their digital footprint to scale across multiple cloud platforms and the need for efficient identity and access management (IAM) is becoming more critical than ever. Modern multi-cloud IAM requi...
The Evolution of AI from GPT-1 to GPT-4
Blog Published: 08/17/2023
Written by Prikshit Goel, Vice President, Cloud Security, Cybersecurity Services and Hitesh Saini, Platform Engineering Head, Cloud Security, Cybersecurity Services, HCLTech. The evolution of Generative Pre-trained Transformers (GPTs) has been nothing short of revolutionary, marking significant s...
5 Reasons Phishing is Your Biggest Cybersecurity Problem
Blog Published: 08/17/2023
Originally published by Abnormal Security. Written by Callie Hinman Baron, Content Marketing Manager, Abnormal Security. Phishing attacks generally don’t make the headlines. And if you ask a security professional to rank email attack types by the level of threat they pose to their organization, a...
How to Prepare for the SEC's New Cyber Disclosure Rule
Blog Published: 08/16/2023
Originally published by Schellman. The Securities and Exchange Commission's (SEC) final rule on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure will require buy-in and active preparation from several departments of your organization to accommodate the new requirem...
The Importance of Digital Trust in the Era of Web 3
Blog Published: 08/16/2023
Originally published by DigiCert. Written by Dr. Avesta Hojjati. For better or for worse, every aspect of our lives today is digitally connected – from how we socialize to where we work to even how our health devices are connected. Yet as we constantly engage online, how do we know that our footp...
Cloud Data Access – From Chaos to Governance
Blog Published: 08/16/2023
Originally published by Dig Security. Written by Benny Rofman. Controlling access to sensitive data is the bread and butter of any cybersecurity strategy. However, the cloud adds many complications on the road to least privilege. Below we delve into the realities of data access governance in toda...
FedRAMP Just Got Better – And is Here to Stay
Blog Published: 08/15/2023
Originally published by Coalfire. Written by Tom McAndrew, Chief Executive Officer, Coalfire. President Biden signed the National Defense Authorization Act (NDAA), taking a giant step forward in securing the federal government’s cloud-first mission. The FedRAMP® (Federal Risk and Authorization Ma...
Data-Driven AI: Understanding the Risks and Mitigations
Blog Published: 08/15/2023
Written by Tarun Gupta, Enterprise Risk, Compliance and Assurance Leader, G42. In recent years, the rapid advancements in artificial intelligence (AI) have revolutionized various industries, unleashing unprecedented opportunities for innovation and growth. Among the various approaches to AI, "D...
Network Defense Platform: The Evolution Needed for Modern Enterprise Security
Blog Published: 08/15/2023
Originally published by Netography. Written by Martin Roesch, CEO, Netography. I’ve written before that the fundamental organizing principles of network security include protecting users, applications, data, and devices. With these organizing principles, it’s not uncommon for enterprise n...
Azure's Kubernetes Service (AKS): Analysis of Security Flaws and Countermeasures
Blog Published: 08/14/2023
Written by Abhishek Bansal, Founder, Autharva.Reviewed by Arun Dhanaraj, Vice President of Cloud Practices, Mizuho. IntroductionContainers have brought about a sea change in the way software engineers build, package, and distribute their programs. The Azure Kubernetes Service (AKS), which lets de...
Managing Cloud Misconfigurations Risks
Blog Published: 08/14/2023
Written by Ashwin Chaudhary, CEO, Accedere. Entities worldwide are rapidly migrating their business, services, and IT operations to the Cloud environment. Most entities across the globe have migrated their owned or on-premises data centers to IaaS as it offers direct access to its cloud servers a...
AI Security and Risk Management
Blog Published: 08/11/2023
Artificial Intelligence (AI) is revolutionizing various industries, but it is also bringing forward security and risk management challenges. As AI integrates into our daily lives, concerns about safeguarding the confidentiality, integrity, and availability of AI systems and data grow alongside...
New Top-Level Domains: Overblown or Undermining Our Security?
Blog Published: 08/11/2023
Originally published by CXO REvolutionaries. Written by Ben Corll, CISO - Americas, Zscaler. In May, Google generated a tempest in the cybersecurity teakettle with this announcement on Twitter:Today, Google Registry is launching eight new top-level domains: .dad, .phd, .prof, .esq, .foo, .zip, .m...
Reflecting on the Journey of Cloud Adoption and Security Thus Far
Blog Published: 08/11/2023
Written by Raghvendra Singh, Head, Cloud Security CoE, TCS.The latter half of 2023 is here, and the cloud trend shows no signs of reversal. Few might have predicted the power of cloud computing a decade ago, when there were obvious questions about its security, sustainability, cost, and overall m...
Are Hybrid Workers at More Risk of Cyber Threats?
Blog Published: 08/10/2023
Originally published by ThreatLocker. Introduction Did you know that in 2023, 74% of US companies support or plan to support hybrid workers? The global COVID-19 pandemic shut down enterprises worldwide, forcing companies to devise creative ways to maintain business productivity while keeping work...
Joe Sullivan to Share His Perspective on the Existential Challenges of Being a CISO at Cloud Security Alliance’s SECtember 2023
Press Release Published: 08/10/2023
Former Uber CSO will draw on personal experience to help security leaders navigate crossroads of stringent regulations and corporate and personal riskSEATTLE – Aug. 10, 2023 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and ...
Pentesting for Cloud Systems: What You Need to Know
Blog Published: 08/10/2023
Originally published by Synack. Security Breaches in Cloud SystemsMost businesses today perform at least some of their compute functions in the cloud. For good reason. Processing in the cloud can lead to increased productivity while reducing capital and operational costs. But, as with any compute...
Cybersecurity: Where Do Canadian Companies Stand?
Blog Published: 08/09/2023
Written by NOVIPRO. The widespread adoption of remote work has disrupted Canadian companies’ cybersecurity practices. However, according to the latest IT Landscape in Canadian Small, Medium, and Large Enterprises 2023 report, few companies appear ready to invest more in protecting their and th...