October 28, 2024 at 10:08AM The commentary discusses the dangers of using end-of-life (EOL) software within organizations, likening it to ignoring a haunted house’s threats. Many companies cling to outdated software due to budget constraints, risking data breaches. It emphasizes the need for audits, communication, and collaboration to effectively manage and eliminate EOL software. ### … Read more
October 14, 2024 at 09:56PM The commentary reflects on the challenges of “shadow IT” in the security industry, emphasizing the prevalence of outdated systems (“beige desktops”) running unvetted code. While organizations implement controls, shadow IT persists. The author questions whether the Chief Information Security Officer or the Chief Financial Officer should bear responsibility for this … Read more
August 21, 2024 at 07:33AM SaaS applications have revolutionized operations but introduced security vulnerabilities. With the increasing complexity of interconnected SaaS apps, organizations struggle to monitor and secure access. Understanding app usage, permissions, and actions is crucial, along with implementing measures like multi-factor authentication and access monitoring to prevent breaches. Proactive security measures are essential … Read more
August 9, 2024 at 10:01AM Verizon’s latest report shows a threefold increase in hacker exploitation of vulnerabilities, raising concerns for cybersecurity leaders. Organizations face challenges in managing vulnerabilities, with the expanding attack surfaces and difficulties in patching. The report also highlights the growing risks posed by software and partner ecosystems, emphasizing the need for proactive … Read more
June 13, 2024 at 07:48AM Financial cyber-attacks prompt tighter compliance regulations in the financial sector, with other industries expected to follow. Many companies lack efficient methods for managing SaaS security and compliance tasks. Free SaaS risk assessment tools offer incremental upgrades to help meet budget and security needs. Understanding financial sector cyber compliance is key … Read more
February 15, 2024 at 06:35AM Wing Security’s analysis of 493 SaaS-using companies in Q4 2023 reveals the significance of SaaS-related risks following 2023’s cyber attacks. The report underlines the need for SaaS security measures, highlights common SaaS risks, and emphasizes the growing threat of supply chain attacks. It concludes with 8 ways to mitigate SaaS … Read more
October 27, 2023 at 10:13AM Generative AI tools are becoming a nightmare for security teams as they are used to create deepfakes and sophisticated phishing emails. A survey shows that 56% of employees use generative AI at work, but only 26% of organizations have policies in place. Shadow AI, unauthorized AI tool usage, poses a … Read more