Combating cyber threats with zero trust and supply chain security

The cyber threat landscape is growing more complex and challenging to contend with, exacerbated by advancements in artificial intelligence and increasingly sophisticated cyber criminals. The volume and severity of attacks are increasing in tandem; Keeper Security’s 2024 Insight Report revealed that 92% of IT security leaders have seen an increase in cyber attacks year-over-year.  Among the most pervasive threats to enterprises today are software supply chain attacks. The 2024 Verizon Data Breach Investigations Report revealed…

Ava Turner Leone | Women in Security 2024

Thriving in security: When Ava Turner Leone first entered the workforce as an office manager for an import customs brokerage firm, she couldn’t have imagined where her career would take her over the next 26 years. “Early on my career really was happenstance, it was completely kind of unplanned in terms of what direction that I was going, I didn’t know what I wanted to do or where I was headed,” Turner Leone says. Her…

Fortifying the software supply chain: A crucial security practice

The software supply chain (SSC) serves as the backbone of software development, encompassing every stage from code creation to deployment infrastructure. However, the very interconnectedness that makes the SSC efficient also renders it vulnerable to escalating cyber threats. The urgency of software supply chain security: Software supply chain security (SSCS) is paramount in safeguarding the integrity and security of software throughout its lifecycle. The gravity of reinforcing SSCS is underscored by the “State of Software…

Open source developer tools have won: That’s a supply chain risk

It’s a done deal. In terms of market share, mindshare and innovation, open source developer tools have won the battle for the hearts and tool belts of engineers everywhere. From IDEs to build tools to package managers, open source has become the backbone of modern software development environments.  While this is a clear triumph for open source, we must also acknowledge the elephant in the room — the potential for massive supply chain risks. Developer…

Better software supply chain security through SBOMs

An executive order from President Biden in 2021 focused on enhancing software supply chain security. This added transparency can help to identify and mitigate security risks, such as vulnerabilities in open source components or malicious code that has been inserted into the supply chain. These Software Bills of Materials (SBOMs) play an important role in enhancing software supply chain security by providing transparency into the components used to build software. This requirement is designed to…

Closing the gap between physical and cybersecurity

With an increase in in-person work, security leaders have looked into improving their physical security solutions. This could include updating their access control measures, video surveillance or hiring additional security staff. According to the Genetec State of Physical Security Report, 33% of respondents stated that their physical security systems were on-premises and 67% were cloud or hybrid-cloud. Fifty-five percent of respondents stated that their information technology (IT) department has access to physical security data. The…

Google Offers Bug Bounties for Generative AI Security Vulnerabilities

Google’s Vulnerability Reward Program offers up to $31,337 for discovering potential hazards. Google joins OpenAI and Microsoft in rewarding AI bug hunts. Google expanded its Vulnerability Rewards Program to include bugs and vulnerabilities that could be found in generative AI. Specifically, Google is looking for bug hunters for its own generative AI, products such as Google Bard, which is available in many countries, or Google Cloud’s Contact Center AI, Agent Assist….

Report: Supplier cyber weaknesses impact big business

US Cybersecurity Strategy Shifts Liability Issues to Vendors

Governance & Risk Management, IT Risk Management, Standards, Regulations & Compliance. Holding Vendors Liable for Insecure Apps Fuels Safe Harbor, Transparency Questions. Michael Novinson (MichaelNovinson) • March 2, 2023. A new federal strategy to make commercial manufacturers liable for insecure software requires an attainable safe harbor policy and could be a disincentive for software manufacturers in sharing important vulnerability information with the U.S. government, according to…

AMA: Supply Chain Security Leader Edition — Scott Martino
