December 20, 2023 at 05:32AM Greater Manchester Police (GMP) faces an enforcement notice from Britain’s data watchdog for a substantial backlog of over 850 Freedom of Information (FOI) Act requests, some dating back years. The Information Commissioner’s Office (ICO) demands urgent action to clear the backlog and improve response times to maintain public trust and … Read more
December 18, 2023 at 10:39AM SaaS has become crucial for corporate IT, with service businesses almost entirely reliant on it. However, this shift has attracted threat actors. Trends for 2024 include democratization of SaaS, the importance of ITDR, cross-border compliance, misconfiguration risk, third-party app reliance, and remote device security. SSPM tools like Adaptive Shield are … Read more
November 30, 2023 at 07:18AM Wing Security now offers free basic third-party risk assessments for SaaS, highlighting the connection between SaaS and third-party risk management (TPRM). The article underscores the importance of rigorous TPRM processes to handle risks from SaaS supply chains, offering 5 TPRM tips for SaaS security, including identification, due diligence, ongoing monitoring, … Read more
November 29, 2023 at 05:50PM Fortanix Inc. introduces Key Insight for its DSM platform, a unique tool to discover, assess, and remediate risks in encryption key management across multicloud environments, providing a data-centric security solution with improved compliance and risk posture. To be showcased at AWS re:Invent 2023. Takeaways from Meeting Notes: 1. Fortanix Inc. … Read more
November 22, 2023 at 03:36PM Kiteworks, a company focused on data privacy and compliance, announced its merger with Maytech, a provider of data file transfer solutions. The merger strengthens Kiteworks’ position in the UK market and expands its offering to Maytech customers. The strategic move combines technological strengths and resources, fostering innovation and accelerating research … Read more
November 21, 2023 at 10:21AM Stealth mode security startup Lasso Security has raised $6 million in seed funding, led by Entrée Capital and with participation from Samsung Next. The Tel Aviv-based company is developing technology to address cyber threats faced by generative AI and large language models, aiming to protect businesses that use these technologies. … Read more
November 20, 2023 at 06:26PM The FDA has issued updated regulations regarding the cybersecurity requirements for medical devices. The regulations, found in Section 524B of the FD&C Act, went into effect on October 1, 2023. They apply to anyone submitting a premarket application for a “cyber device.” The purpose of the regulations is to ensure … Read more
November 20, 2023 at 07:45AM Shifting to a converged Secure Services Edge (SSE) model with a clear path to SASE improves cybersecurity, but it’s important to assess risk profiles before adopting SSE platforms. Factors to consider include certifications and compliance, reputation and history, data security measures, service-level agreements, and commitment to continuous improvement. By evaluating … Read more
November 15, 2023 at 04:05PM The European Union’s NIS2 Directive aims to enhance the security and resilience of network and information systems in the EU. Organizations operating within the EU must comply with the directive, which includes training and awareness, cybersecurity risk management measures, reporting obligations, and the use of EU certification schemes. Noncompliance can … Read more
November 14, 2023 at 10:14PM DirectDefense has announced the release of ThreatAdvisor 3.0, a security orchestration, automation, and response (SOAR) platform. The platform improves the speed, efficiency, and accuracy of the company’s Security Operations Center (SOC) by offering continuous security monitoring and management, automating manual processes, and providing an extensive knowledge base for compliance and … Read more