Trend Experts Weigh in on Global IT Outage Caused by CrowdStrike

July 20, 2024 at 12:22PM Global IT outage caused by CrowdStrike on July 19, 2024, affected various industries, leading to Windows computers malfunctioning. Trend Micro acknowledges the situation and advises vigilance in monitoring non-Windows environments against potential adversary exploitation. They emphasize the need for rapid bug mitigation and software deployment evolution. Trend shares resilience strategies … Read more

OpenAI Rolls Out Compliance API and Integrations for ChatGPT Enterprise

July 18, 2024 at 04:03PM OpenAI is launching new compliance tools for ChatGPT Business Edition, aiming to support enterprise customers in regulated industries like finance and healthcare. The Enterprise Compliance API and third-party integrations help audit, manage data, and ensure compliance with regulations like FINRA, HIPAA, and GDPR. This move aligns with OpenAI’s focus on … Read more

Trade the Comfort of Security Theater for True Security

July 11, 2024 at 03:13PM The text discusses the concept of “security theater,” where companies prioritize the appearance of security over actual risk mitigation. It outlines the various actors involved in creating this illusion and warns about the legal and financial consequences. The importance of true security, evolving with technology and enforcing a growth mindset, … Read more

Odaseva Raises $54M Series C Round to Expand Product Offerings and Continue Category Leadership

July 2, 2024 at 01:13PM Odaseva, a leading enterprise data security platform for Salesforce, has secured a $54 million Series C financing, bringing their total funding to over $90 million. The investment will support their growth, data security, and product development. With a growing customer base, including Global Fortune 500 companies, Odaseva remains committed to … Read more

1Touch.io Integrates AI Into Mainframe Security

June 28, 2024 at 09:35AM 1touch.io has launched its mainframe security posture management (MSPM) product, utilizing contextual AI to enhance data discovery and classification accuracy. Mainframes, supporting majority of global IT workloads, face security challenges in hybrid cloud environments. MSPM offers comprehensive visibility and fast database scanning, integrating with mainframe data sources and supporting various … Read more

Don’t Forget to Report a Breach: A Cautionary Tale

June 28, 2024 at 09:18AM ICE faced a $10 million fine from the SEC for delaying reporting a VPN breach, violating compliance requirements. No clear reason for the delay was provided. The case highlights risks of bypassing compliance for quick response, showing cybersecurity’s broad business impact and insurance implications. Boards are urged to ask better … Read more

Process to Verify Software Was Built Securely Begins Today

June 12, 2024 at 03:30PM Starting June 11, US government contractors must submit a Secure Software Development Attestation Form, confirming adherence to secure-by-design principles and scrutiny of software components through software bills of material (SBOMs). Only 20% of respondents are prepared for this federal cybersecurity attestation, with 16% incorporating SBOMs into their software development. Other … Read more

Understanding Security’s New Blind Spot: Shadow Engineering

June 6, 2024 at 10:02AM Summary: Citizen developer applications, enabled by low-code/no-code technology, pose security risks known as “shadow engineering.” Despite potential benefits, these apps bypass traditional security measures, leaving organizations vulnerable. To mitigate risks, applying traditional security principles to these apps, empowering citizen developers, enforcing compliance, and regular monitoring are crucial. Based on the … Read more

A SANS’s 2024 Threat-Hunting Survey Review

June 4, 2024 at 05:16PM The 2024 SANS Threat Hunting Survey reveals a rise in organizations adopting formal threat-hunting processes, reflecting a standardized approach in cybersecurity strategies. The survey’s participants span various industries and organization sizes, showcasing the multifaceted nature of threat hunting. Notably, prevalent cyber threats include BEC and ransomware, prompting evolving threat-hunting practices … Read more

Data Privacy in the Age of GenAI

May 31, 2024 at 10:07AM The American Privacy Rights Act of 2024 (APRA) is a comprehensive national legislation aiming to hold organizations accountable for privacy. It includes requirements like CEO-signed compliance certification, biennial audits, and publishing privacy policies. However, concerns remain about transparency, ethics, and the impact of GenAI models, indicating the need for further … Read more