The Problem of Permissions and Non-Human Identities – Why Remediating Credentials Takes Longer Than You Think

November 18, 2024 at 12:57PM A recent GitGuardian and CyberArk report reveals 79% of IT leaders faced secrets leaks, with over 12.7 million hardcoded credentials on GitHub. Despite developer and security teams’ efforts, confusion over permissions hampers efficient remediation, averaging 27 days. Implementing a shared responsibility model is essential to address these risks effectively. **Meeting … Read more

The Problem of Permissions and Non-Human Identities – Why Remediating Credentials Takes Longer Than You Think

November 18, 2024 at 09:00AM Research by GitGuardian and CyberArk reveals a rise in secrets leaks among IT decision-makers, with over 12.7 million hardcoded credentials exposed on GitHub. Organizations face lengthy remediation times and unclear ownership of security responsibilities. A shared responsibility model between developers and security teams could enhance credential management and reduce risks. … Read more

Think You’re Secure? 49% of Enterprises Underestimate SaaS Risks

October 23, 2024 at 06:36AM A significant portion of security practitioners lack awareness of their organization’s SaaS deployments, with only 15% centralizing SaaS security. This disconnect, paired with a culture that undervalues proactive security, leads to increased vulnerabilities. Establishing a security-first culture and implementing continuous monitoring are essential to mitigate risks associated with decentralized SaaS … Read more

Generative AI Security: Getting ready for Salesforce Einstein Copilot

September 24, 2024 at 10:30AM The article discusses the rollout of Salesforce Einstein Copilot, an AI assistant that aims to revolutionize interactions within the CRM tool. It covers the functionalities of Einstein Copilot, its security model, processing model, and the shared responsibility model for data security. Additionally, it provides best practices for preparing Salesforce Orgs … Read more

When Convenience Costs: CISOs Struggle With SaaS Security Oversight

August 27, 2024 at 09:30AM SaaS deployments often lack central control and clarity, with responsibility for securing SaaS resting mostly on business owners/stakeholders rather than cybersecurity teams. Lack of visibility into SaaS platforms leads to security risks, as many organizations don’t know the full scope of their SaaS applications. AppOmni’s survey reveals a disconnect between … Read more

4 Security Questions to Ask Your Enterprise Generative AI Provider

May 30, 2024 at 08:48AM GenAI is a key focus for enterprise IT strategies, with security teams working to establish best practices. They must ensure data privacy, content accuracy, responsible usage, and security-focused design and development. By addressing these four areas, security teams can understand and enhance the safety and reliability of GenAI technology. Based … Read more

Reducing the cloud security overhead

March 13, 2024 at 05:00AM The modern world offers abundant choices, including multi-cloud infrastructure strategies, resulting in increased complexity and security concerns for enterprises. A study by 451 Research reveals that 98% of companies adopt multi-cloud for reasons like data sovereignty and cost optimization. However, challenges related to security skills, shared responsibility, and visibility persist, … Read more

How Hospitals Can Help Improve Medical Device Data Security

February 8, 2024 at 10:06AM Hospitals and medical device manufacturers must collaborate to protect personal health information from cyber threats. This shared responsibility model requires manufacturers to embed security controls in products, while hospitals ensure their proper use. Manufacturers provide guidelines and materials for hospitals to optimize security measures. Collaboration is vital to maintain a … Read more

Outside the Comfort Zone: Why a Change in Mindset is Crucial for Better Network Security

December 11, 2023 at 07:48AM The enterprise network has traditionally relied on controlled settings and legacy security tools. The COVID-19 pandemic accelerated the shift towards remote work, leading to a more dispersed and vulnerable network. Increased malware and security threats necessitate a proactive approach, shared responsibility, risk-awareness, and preparedness for worst-case scenarios to enhance network … Read more

Doing It Together: Detection and Incident Response with Your Cloud Provider

November 1, 2023 at 06:35PM Detecting and responding to cybersecurity incidents in the cloud can be challenging, especially for those with little cloud experience. Incident management is often overlooked but requires collaboration with the cloud provider. Although the fundamentals of cybersecurity remain the same, there are key differences in threat detection and response in the … Read more