October 17, 2024 at 10:06AM The role of the Chief Privacy Officer (CPO) is evolving amidst increasing data breaches and regulatory demands. CPOs now juggle diverse responsibilities, integrating privacy with security and AI governance. Effective data management requires collaboration across teams, emphasizing the need for a robust privacy framework that enhances overall organizational resilience. ### … Read more
October 15, 2024 at 10:01AM Security teams recognize large language models (LLMs) as essential business tools, but their manipulation risks call for heightened caution. Vulnerabilities can lead to unauthorized actions, exposing sensitive data and causing significant breaches. Enterprises must adopt a proactive “assume breach” mindset, implementing strict access controls, data sanitization, and sandboxing to mitigate … Read more
October 11, 2024 at 10:07AM Non-human identities (NHIs) have significantly increased in cybersecurity, posing risks as potential entry points for attackers. With far more NHIs than human users, visibility and privilege sprawl are major challenges. To mitigate these risks, organizations must enhance discovery, inventory, and management practices, prioritizing NHI security alongside traditional measures. ### Meeting … Read more
October 1, 2024 at 02:04PM CISOs face challenges in hiring and retaining cybersecurity talent due to limited budgets and skills shortages. Despite boards’ decent understanding of cyber risks, there is a gap in knowledge of mitigation strategies. To address this, CISOs can use AI to ease the burden on teams and engage boards with correlated … Read more
September 25, 2024 at 08:40AM Virtualization technology has revolutionized server-based computing over the past 20 years, optimizing resources and enhancing availability. However, the rise in high-profile attacks on hypervisors poses a significant threat to virtualized tier-one applications. Organizations are urged to consider migrating tier-one applications to physical hardware, the cloud, or SaaS solutions to minimize … Read more
September 17, 2024 at 09:15AM Element Security, an Israeli startup founded in 2021 by Daniel Lublin and Omer Cohen, has raised $5 million in funding. The company has launched a cloud-based Continuous Threat Exposure Management (CTEM) platform and attracted global companies in finance, aviation, and automotive sectors. Element’s platform aims to identify and mitigate risks … Read more
August 28, 2024 at 10:47AM Hitachi Energy advises immediate upgrade to the latest version of MicroSCADA X SYS600 to address multiple critical and high-severity vulnerabilities in the product. The vulnerabilities pose confidentiality, integrity, and availability risks, impacting over 10,000 substations and various industries. Hitachi Energy is not aware of any current exploitation, but urges prompt … Read more
July 17, 2024 at 04:40PM The press release highlights the growing trend of organizations adopting Zero Trust architectures in response to evolving cybersecurity threats. It emphasizes the challenges and common mistakes organizations face when implementing these strategies, such as overlooking organizational culture, underestimating human risk, neglecting the supply chain, failing to plan for sustainable success, … Read more
July 17, 2024 at 12:08PM Enterprise security teams are increasingly addressing the risks associated with the use of AI-enabled applications. An analysis by Netskope found that organizations are implementing controls such as blocking policies and data loss prevention tools to protect against the sending of sensitive data to AI apps. The focus is now shifting … Read more
July 17, 2024 at 07:18AM The text outlines the threat posed by accidental insiders in cybersecurity. It discusses how employees, through lack of awareness or pressure to perform, can compromise security. The text highlights the potential consequences of such breaches and proposes proactive measures to mitigate the risk, emphasizing the importance of training, organizational controls, … Read more