OWASP Addresses API Security
API attacks are skyrocketing. According to Salt Security’s State of API Security report, “overall API traffic increased 141% while malicious traffic grew 348%.” These attacks are getting past traditional security systems, turning APIs into a top application attack vector. These findings are in line with a Cloudentity State of API ... Read More
Red Teams and the Value of Open Source PoC Exploits
Red Teams are a necessary part of a good cybersecurity program. The Red Team is offensive security, explained Richard Tychansky, a security researcher speaking at (ISC)2 Security Congress. During the Red Team process, Tychansky said there are several stages to follow: • The organization and the Red Team (whether in-house ... Read More
Staying Current in an Ever-Changing Regulatory Landscape
It’s not just that there is a lot of data generated today; it’s how quickly that data is generated. The hourly increase in data makes meeting regulatory compliance difficult enough, but adding to the challenge is the ever-changing regulatory landscape. How do you continue to stay compliant when you are ... Read More
Regulatory Compliance Mandates Encourage Better Cybersecurity
Cybersecurity risks are directly tied to legal and regulatory risk, according to a recent (ISC)2 Security Congress session. John Bandler, founder of Bandler Law Firm PLLC and Bandler Group, said the legal requirements relating to information governance include cybersecurity, privacy, incident response and breach reporting. Bandler believes the laws and ... Read More
The Challenge of Regulatory Compliance for Critical Infrastructure
Healthcare has HIPAA. Credit cards and electronic payments have PCI DSS. Consumers have GDPR and CCPA. There is an alphabet soup of regulatory compliance requirements that many industries must follow to offer layers of cybersecurity protection to those businesses and customers. However, some of the biggest and best-known cybersecurity incidents ... Read More
Congress Tackles Data Privacy Compliance for FinTech
When Democrats and Republicans in Congress agree on an issue, you know the problem must be serious. In this case, the problem is third-party FinTech data sharing. According to Roll Call, the House Financial Technology Task Force held a hearing to discuss “whether consumers understand the degree of access they ... Read More
Closing the Security Gaps at the Edge
More than 18 months into the COVID-19 pandemic and the new normal of the workplace, organizations continue to figure out how to best approach cybersecurity. And they are struggling. A new study from Lynx Software Technologies found most American executives believe their company has serious security gaps, and that remote ... Read More
Challenges Securing the Edge
Cybersecurity is all about protecting data, but it’s clear organizations need to make a greater effort to protect that data where it is, not where they’d like it to be or think it could end up. As more organizations are making the transition to edge computing, that’s where security needs ... Read More
Securing the Edge in the Supply Chain
The supply chain is something most people take for granted—until something goes wrong. The pandemic highlighted just how quickly business can grind to a halt if the supply chain is disrupted. Organizations have found that edge computing makes the supply chain run more efficiently, but this move to the edge ... Read More
Securing the Edge in a Hybrid Environment
A year ago, the buzz in cybersecurity was around how to best secure a remote workforce. Today, organizations have to consider how to secure a hybrid environment, with not just a mix of on-premises and cloud-based infrastructure but also with a workforce that is splitting time between the office and ... Read More