compliance

Managing the invisible risk of non-human identities

Posted on by Admin
Managing the invisible risk of non-human identities

In the dynamic world of cybersecurity, identity and access management (IAM) is a pivotal foundation. Ensuring that only authorized individuals and systems can access company resources is imperative. Unfortunately, while many organizations excel at managing human identities, they often need to pay more attention to a growing and potentially more hazardous category of digital actors known as non-human identities (NHIs). These unseen entities, which include service accounts, APIs, bots, and more, are rapidly multiplying, leading…

Read More

Protecting financial institutions in the era of AI-driven threats

Posted on by Admin
Protecting financial institutions in the era of AI-driven threats

As open-source AI tools become more accessible, ransomware attacks are growing increasingly sophisticated. Scammers are now using AI in targeted spear phishing attacks, where highly personalized information is used to gain access to medical or financial information.  Financial service organizations are particularly at risk when it comes to these kinds of attacks — not only do they hold and exchange large sums of money, they also store and process highly sensitive information of their customers. …

Read More

The future of security and access control for office spaces

Posted on by Admin
The future of security and access control for office spaces

Effective physical security is essential to any brick-and-mortar establishment, but it is even more crucial in the commercial real estate industry. Securing a workplace involves more than simply monitoring the entryway to the building — so how can security leaders ensure they are being proactive about defending their offices?  Here, we talk with Security talks with Andrew Campagnola about emerging threats in office building security and how security leaders can address these concerns.  Security magazine: Tell us about…

Read More

Unlocking digital trust: The power of collaboration in a data-driven world

Posted on by Admin
Unlocking digital trust: The power of collaboration in a data-driven world

Digital trust has become the cornerstone of successful organizations in today’s data-driven and artificial intelligence-influenced world. Customers, partners and employees alike are increasingly basing their decisions on how much they trust an organization to oversee their information securely and responsibly. ISACA’s 2024 State of Digital Trust report underscores this reality, highlighting both the critical role of security and the need for enhanced collaboration across digital trust functions. The survey, which polled more than 5,870 ISACA…

Read More

Workplace compliance considerations for California Senate Bill 553

Posted on by Admin
Workplace compliance considerations for California Senate Bill 553

The California Senate Bill 553 (CA SB 553), which went into effect on July 1, 2024, is a milestone in labor law legislation. The bill introduces new safety obligations for most businesses in California, aimed at addressing growing concerns around workplace violence. Specifically, CA SB 553 mandates the implementation of comprehensive workplace violence prevention plans (WVPPs). These plans must include procedures for identifying and addressing potential security risks, maintaining extensive and auditable records of each…

Read More

The journey toward secure software development lifecycles

Posted on by Admin
The journey toward secure software development lifecycles

The digital transformation race is on, and companies are churning out applications at an ever-increasing pace. Unfortunately, this speed often comes at the cost of security. A recent study revealed a shocking statistic: 92% of companies experienced a breach due to vulnerabilities in their own internally developed applications. A different approach is clearly needed. The solution might be found in the security philosophy known as “shift-left,” which essentially promotes the integration of security practices earlier…

Read More

Accelerating SaaS solution delivery to the U.S. Federal Government

Posted on by Admin
Accelerating SaaS solution delivery to the U.S. Federal Government

Synopsis: The Cisco Federal Operational Security Stack streamlines the process for Cisco SaaS solutions on their FedRAMP journey, bringing a myriad of benefits. It revolutionizes product engineering team workflows by offering a centralized and integrated suite of tools and services that cover a significant number of FedRAMP security requirements. This efficiency decreases engineering team effort, enabling them to focus on enriching solution features and accelerating their FedRAMP readiness. In 2023, the FedRAMP Authorization Act was…

Read More

The crucial role of security and compliance in the cannabis industry

Posted on by Admin
The crucial role of security and compliance in the cannabis industry

The cannabis industry is experiencing exponential growth as more regions legalize its use for both medicinal and recreational purposes. This expanding market presents unique opportunities but also comes with unique challenges in the realms of security and compliance. Compliance and security in the cannabis industry, while closely related, address different aspects of operational integrity. Compliance focuses on adhering to local and state regulations to ensure legal and safe production and distribution, whereas security involves protecting…

Read More

Accelerating SaaS security certifications to maximize market access

Posted on by Admin
Accelerating SaaS security certifications to maximize market access

The regulatory landscape for Software-as-a-Service (SaaS) offerings is rapidly changing worldwide as governments seek to address concerns around privacy, security, and data sovereignty. While the European Union’s Cybersecurity Certification Scheme for Cloud Services (EUCS) has set a high standard for data protection, Asian countries are also stepping up their regulatory frameworks. For instance, the Information System Security Management and Assessment Program (ISMAP) in Japan provides a baseline standard of protection for user data, imposing stringent…

Read More

Accelerating SaaS security certifications to maximize market access

Posted on by Admin
Accelerating SaaS security certifications to maximize market access

The regulatory landscape for Software-as-a-Service (SaaS) offerings is rapidly changing worldwide as governments seek to address concerns around privacy, security, and data sovereignty. While the European Union’s Cybersecurity Certification Scheme for Cloud Services (EUCS) has set a high standard for data protection, Asian countries are also stepping up their regulatory frameworks. For instance, the Information System Security Management and Assessment Program (ISMAP) in Japan provides a baseline standard of protection for user data, imposing stringent…

Read More
1 2 3 4 17