The modern vehicle comes equipped with a variety of software systems. Especially features that connect it to the outside world, such as online updates, fleet management and communication between vehicles, offer attack surface. The security of automotive software is crucial, not only because bug-induced call-backs are costly, but also because the well-being of passengers depends on it.

Recently, we caught up with Frank Kyazze, Privacy Director here at Kintent, to chat about his experience at the Data Connectors conference in Dallas last month. Frank had the opportunity to serve on the “Protecting Against Cyber Attacks” discussion panel while in attendance. Frank took part in the panel, discussing how now more than ever, it is imperative for organizations to be vigilant against bad actors.

The FedRAMP PMO recently announced new rules for how contractors will need to comply with the Federal Risk and Authorization Management Program (FedRAMP) Authorization Boundary rules in draft format. This is a big deal because FedRAMP compliance is mandatory for any company that wants to do business with the federal government.

We previously covered the basics of FedRAMP by simply asking “What is FedRAMP?” This time, we’re going to talk about how you can get approved as a FedRAMP Cloud Service Provider (CSP). We’ll talk about some of the advantages of being FedRAMP authorized. We’ll also discuss FedRAMP compliance versus certification to understand the difference. Additionally, we will define terms you will need to know during your FedRAMP journey.

We previously covered the basics of FedRAMP by simply asking “What is FedRAMP?” This time, we’re going to talk about how to become FedRamp Certified Cloud Service Provider (CSP). We’ll talk about some of the advantages of being FedRAMP authorized. We’ll also discuss FedRAMP compliance versus certification to understand the difference. Additionally, we will define terms you will need to know during your FedRAMP journey.

In today’s fast-moving and competitive marketplace, you can barely find any businesses and merchants that still haven’t adopted the use of credit cards for their services. More than a third of American cardholders use credit cards for their transactions on a monthly basis. With the rising prevalence of identity theft, over 1.1 billion personal records were exposed by data breaches and credit card fraud alone.

Becoming and staying PCI compliant both take a lot of work. Developers are often already swamped with an endless list of tasks, and adding PCI compliance can be overwhelming. Security awareness is one thing, but a set of requirements is entirely different. It means you have less freedom in how you wish to implement security in your application, and you must understand the requirements demanded by your organization.

The IT ecosystems of enterprises are highly dynamic. Typically, organizations react to this volatility by investing in asset discovery and Security Configuration Management (SCM). These core controls enable businesses to compile an inventory of authorized devices and monitor the configurations of those assets. In addition to managing changes to their infrastructure, organizations must also keep an eye on the changes made to essential files.

The term “open source” refers in particular to records this is publically available. A huge part of the internet cannot be found using major search engines. This is called as “Deep Web”. Deep Web is a mass of websites, databases, files, and more that cannot be indexed by Google, Bing, Yahoo, or any other search engine. Despite this, much of the content of the dark web can be considered open source because it is easily available to the public.

Surveillance is becoming an increasingly standard component of modern life, posing a threat to the idea that people have a right to privacy. In many situations, we unwittingly provide companies with information about our preferences, routines, and interests. In this age of digital era, you must not rely on evolving surveillance regulations and vendors to keep your personal information and security intact.

File Integrity Monitoring, aka as FIM, is a must-have feature for anyone in charge of security. With FIM, one can detect when a critical file, such as a file that belongs to the Operating System, or a key configuration file, is changed. In most cases, configuring FIM is straightforward: If the file changes then generate an alert.

In support of the Executive Order on Improving the Nation’s Cybersecurity, the Cybersecurity and Infrastructure Security Agency (CISA) recently published a Binding Operational Directive (BOD) 23-01, designed to improve cybersecurity for the Federal Civilian Executive Branch (FCEB) enterprise and their respective unclassified assets.

Have you ever heard an IT security pro talk about their POA&M and wondered what they meant? You’re not alone. Many security consultants and engineers are uncertain about the meaning of the acronym “POA&M”. It stands for Plan of Actions and Milestones. It’s a commonplace term within military and defense working environments.

Data compliance is a crucial and essential factor in organizations that should be carefully followed for data management. Data compliance is more than maintaining relevant standards and regulations and ensuring that the data is secured. The substantial amount of data that is processed and used in organizations must be managed properly. All phases of data access, usage, modification, and storage should be governed by correct policies, protocols, and standards.

Artificial Intelligence’s ability to augment and support progress and development over the past few decades is inarguable. However, when does it become damaging, contradictory even? In our latest Beyond Data podcast AI’s Climate Jekyll & Hyde – friend and foe, Tessa Jones (our VP of Data Science, Research & Development) and Sophie Chase-Borthwick (our Data Ethics & Governance Lead) discuss exactly this with Joe Baguley, Vice President and Chief Technology Officer, EMEA, VMware.