Managed service providers (MSPs) are key players in enterprise security, providing critical security services for customers who often lack in-house teams to manage them. However, the cyberthreat landscape is growing increasingly complex and challenging, even for these experts.

The defense supply chain is a complex network of partners that sell, manufacture, and distribute services or products to defense agencies worldwide. It is made up of both major corporations and smaller sub-suppliers. Each country has its own network of supply chain partners, including manufacturers, software, services and logistics providers that deliver products and services for military materiel applications.

Modern software is built on the backs of APIs (Application Programming Interface). It unites separate bits of the web, allowing systems to communicate with each other. With APIs being used on such a wide scale, managing them becomes a mammoth task.

Time is of the essence, as the transposition deadline for the NIS2 Directive approaches on October 17, 2024, organizations across the EU must brace for its significant impact. This new Directive, updating and expanding its predecessor (NIS1), will dramatically increase the number of regulated entities. According to Ireland’s National Cyber Security Centre, the number of regulated entities is expected to rise from about 120 under NIS1 to an estimated 3,500 under NIS2.

Every organization is different, with its own unique needs, challenges and goals. That means that IT solutions, and especially IT security, must be complex tools that are highly configurable and adaptable to various scenarios. IT security solutions must be flexible and robust enough to handle many situations.

Recently I had to prepare for a governance, risk and compliance conference. I promptly realized that although I used to be quite immersed in this field as an ISO 27k implementation consultant and even a short stint as a Payment Card Industry (PCI QSA) auditor years ago, it has been a while since I looked into this.

Regulatory compliance is a common and critical part of today’s rapidly evolving financial services landscape. One new regulation that EU financial institutions must adhere to is the Digital Operational Resilience Act (DORA), enacted to enhance the operational resilience of digital financial services. The BCI Supply Chain Resilience Report 2023 highlighted that 45.7% of organizations experienced supply chain disruptions with their closest suppliers, which is more than double the pre-pandemic levels.

API Management is a comprehensive process that involves creating, publishing, documenting, and overseeing application programming interfaces (APIs) in a secure, scalable environment. APIs are the backbone of modern software architecture, enabling interoperability and seamless functionality across diverse applications. They facilitate the integration of different software components, allowing them to intercommunicate and share data efficiently.

In the latest episode of the Trust Issues podcast, the focus is on the criticality of time in organizational security. The conversation with host David Puner and guest Katherine Mowen, SVP of Information Security at Rate (formerly Guaranteed Rate), highlights the importance of swift decision-making and prompt threat response. They discuss the role of just-in-time (JIT) access and AI in accelerating response times, as well as the ever-evolving threat landscape that requires constant vigilance.

For cybersecurity professionals tasked with defending the public sector, tackling the U.S. Government Configuration Baseline (USGCB) is just another hurdle to a safer federal tomorrow. Part of a wide collection of necessary federal government compliance requirements, it hones in on which baseline security configurations are necessary for federally deployed IT products.