Microsoft’s Brad Smith summoned by Homeland Security committee over ‘cascade’ of infosec failures

May 10, 2024 at 11:09AM The US government plans for Microsoft’s Brad Smith to testify before a House committee regarding the company’s recent cybersecurity failures. This follows scrutiny over the June 2023 attack on Microsoft Exchange and a subsequent breach by Russia’s Midnight Blizzard crew. Microsoft has pledged significant changes and introduced the Secure Future …

Cyber Insights 2024: APIs – A Clear, Present, and Future Danger

February 28, 2024 at 10:51AM The annual Cyber Insights series by SecurityWeek discusses pressing cybersecurity issues. The 2024 edition addresses the evolving role of CISOs, the dilemma of API security, and the expanding attack surface. It includes perspectives from industry experts and highlights the growing need for proactive security measures. The threats to APIs are …

Software & Security: How to Move Supply Chain Security Up the Agenda

December 13, 2023 at 10:07AM After the Log4j incident, there is increased scrutiny on the security of software supply chains. Key stakeholders including the US government, CISA, the EU Commission, the UK’s NCSC, and Japan are collaborating to enhance the utility of software bills of materials (SBOMs). However, challenges lie in implementation, responsibility allocation, and …

How the EU Cyber Resilience Act Impacts Manufacturers

December 12, 2023 at 02:04PM The EU Cyber Resilience Act requires manufacturers to prioritize security-by-design, enhancing global tech protocols. It places responsibility on manufacturers to ensure products are secure throughout their lifecycle, aiming for transparency in cybersecurity practices. Non-compliance could result in significant fines. This act will likely influence cybersecurity standards globally. Key Takeaways from …