Spoiler alert: In 2022, audits found open source in 100% of our customer engagements.
Since open source usages are now so pervasive, companies are increasingly concerned about the security of applications built on the foundation of open source components. Consequently, open source security and license compliance...
In today's rapidly evolving threat landscape, cyber attacks are becoming more sophisticated, with spear phishing attacks now the most common way for cybercriminals to enter an organization. With the advent of new technologies like ChatGPT and Deepfakes, the situation is only getting worse. ChatGPT is being used to...
Today’s evolving cyber-risk environment requires an ‘assume breach’ mindset.
Chief Information Security Officers (CISOs) know it. So do regulators, IT Security auditors, boards and cyber insurance providers, who are increasingly mandating adoption of Zero Trust cybersecurity principles.
Join CyberArk for...
The need to implement zero trust at scale is growing ever more critical. In this video interview with Information Security Media Group, subject matter experts Srinivas Tummalapenta of IBM and Justin Douglas of Palo Alto discuss the guiding principles of scaling zero trust.
How can successful organizations prepare for a possible recession? Most look for ways to reduce costs. Despite inflation and uncertainty, however, organizations aren't slowing their spend on security. Surprising? Maybe not. Savvy executives now see remote work as a cost-savings opportunity, and they're taking...
The nature of the new "norm" in this post-pandemic era of remote work is revolutionizing how your organization has to operate. With dozens of applications used across a diverse landscape, how do you ensure that your organization stays secure while being compliant with changing rules and regulations?
Cyber risk quantification (CRQ) is the measure of an organization’s cyber risk expressed in monetary terms, like dollars. CRQ has many benefits, but few security professionals understand how to implement it.
Join Paul Kelly, former head of risk at HSBC, and Chris Griffith, chief product officer at Balbix, as they...
RegScale has purchased a startup founded by the FCC's former chief data officer that makes documenting compliance easier for nontechnical personnel by using a questionnaire. The GovReady deal means customers will be able to demonstrate their adherence to standards by answering questions.
Ninety-four percent of recent survey respondents are concerned that TLS 1.3 will break their existing security controls. With the ever-expanding amount of encrypted network traffic mandated, it’s important to understand how to balance user and customer privacy with security controls. Join experts from Cisco Security...
In 2021, U.S. mergers and acquisitions shot up 55%. In 2022, that percentage is set to climb even higher. The wave of post-COVID M&A demands that cybersecurity leaders improve their efficacy. Ben Murphy of Truist shares insight on where, when and how cybersecurity needs to influence the M&A agenda.
Immersive Labs completed a funding round just weeks after laying off 10% of its workforce to cover more developer languages and safeguard Azure and Google Cloud. The Ten Eleven Ventures-led funding will help Immersive Labs expand its coverage from frontline cybersecurity staff to development teams.
ISACA's State of Digital Trust 2022 survey shows significant gaps between what enterprises are doing and what they should do to earn customer trust in digital ecosystems. While 98% of those surveyed say digital trust is important, only 12% have dedicated staff roles to digital trust.
Tenable wants to help the cybersecurity industry move away from traditional vulnerability management focused on giving customers a list of vulnerabilities. Instead, CEO Amit Yoran wants to help customers understand their exposure and how they can effectively manage and reduce risk.
When security practitioners lose their initial enthusiam for hunting cyberthreats, their companies begin to fail at cybersecurity, says CISO Marco Túlio Moraes. He discusses how collaborating with the business lines and moving from awareness to education all around can help fix this problem.
A well-managed multi-cloud strategy "is a sensible approach" because it allows organizations to move different workloads between providers, but it gets a "bit more complicated when you start thinking about workload portability," says Lee Newcombe, security director, Capgemini U.K.