Topic: security
Why your zero trust strategy will fail without automation
Zero trust is broken. Not because it’s a bad idea, but because most organizations are applying it wrong. If your security still depends on humans to approve access requests, verify identities, and respond to threats, you’re already behind. Zero trust’s core principle—trust no one, verify everything—breaks down when manual processes are too slow, error-prone, and … continue reading
Simbian’s new AI Agents enable more efficient security operations
The AI-powered IT security company Simbian has announced a set of three new AI Agents that can “work alongside security teams to enhance the intelligence, speed, and coverage of their entire security program.” SOC Agent investigates and responds to security alerts, leveraging knowledge from security experts, the company’s playbooks, and user guidance to create responses … continue reading
Having a Cyber Resiliency plan – and Cleanroom Recovery – is critical to restoring systems after malicious attacks
In today’s threat landscape, a single ransomware attack can cripple a business for weeks, underscoring the critical importance of cyber resiliency. Attacks are becoming more common and more sophisticated, leaving businesses struggling with staggering costs and devastating downtime. Here’s a concerning reality: many organizations currently believe their recovery strategies will protect them in the event … continue reading
Podcast: Diving into NIST’s quantum-safe algorithms
There’s been a concern that quantum computers could break the current encryption algorithms we use to protect data today. Recently, NIST announced the approval of three quantum-safe algorithms that could withstand quantum computers. IBM developed two of the approved algorithms, so on the most recent episode of our podcast, Get With IT, we interviewed Vadim … continue reading
Stytch updates Device Fingerprinting to improve bot detection
The authentication provider Stytch is releasing new features in its Device Fingerprinting offering aimed at making it easier for companies to detect bots and fraud. Stytch Device Fingerprinting creates unique and persistent fingerprints for each visitor by analyzing subsignals of device hardware, network TLS profile, and active browser markers. It is also invisible to users, … continue reading
Report: AI may have benefits across enterprise, but it’s causing trouble for IT
A majority of IT leaders are worried about the cybersecurity implications brought on by the introduction of AI into their organizations. According to Flexential’s 2024 State of AI Infrastructure Report, 95% of IT leaders said that AI has made their organization more vulnerable to cyberthreats. About half of the respondents believe this is because the … continue reading
Docker will soon deprecate password logins via CLI when SSO enforcement is on
Starting September 16th, Docker is deprecating the ability to use passwords to sign-in to services via its CLI when users have Single Sign-On (SSO) enforcement turned on. SSO enables users to authenticate once and get access to multiple different services. In this case, that includes Docker Desktop, Docker Hub, Docker Scout, and Docker Build Cloud. … continue reading
Fortanix adds File System Encryption in latest release
The security company Fortanix has announced File System Encryption, a new feature that is part of the Fortanix Data Security Manager. With File System Encryption, data can be encrypted at the file system level, which is useful in scenarios where different user groups need access to different parts of a database. Organizations can set up … continue reading
Report: Companies are overconfident in their cyber resilience abilities
A majority of companies believe they have the necessary technologies and processes in place to deal with security events in a timely manner, but new survey data shows that in practice, this isn’t the case. Cohesity surveyed 3,1000 IT and security decision makers for its Global Cyber Resilience Report 2024, and 78% of the respondents … continue reading
The C-suite conundrum: Are senior executives the Achilles’ heel of cybersecurity?
In today’s digital landscape, an organization’s C-suite and senior executives hold the most valuable corporate data and sign-off authorities, representing the highest potential risk over email. Whether it’s inbound spear phishing attacks or outbound mistakes resulting in a damaging data breach, the C-suite is vulnerable. But what do cybercriminals want from these individuals? Are breaches … continue reading
Q&A: The disconnect between the C-Suite and IT practitioners on AI readiness
Tech leaders are eager to reap the benefits of generative AI, but are they really production ready and able to be used in a secure way yet? According to Randall Degges, head of developer relations and community at Snyk, no. He joined us on the most recent episode of our weekly podcast, Get With IT, … continue reading
Report: Majority of security pros admit to using “shadow SaaS” apps
A recent survey from Next DLP revealed that over the last year, 73% of security professionals have used used “shadow Saas,” or SaaS applications not provided or approved by their IT teams. Further, even though they are using shadow SaaS, they admitted to being aware of the risks of doing so, with the most commonly … continue reading
