With the regular and much needed update to critical standards such as HIPAA, auditors and compliance experts need to be continuously on their toes to review and acquaint themselves with these new developments. One of the latest such updates is the Health Information Portability and Accountability (HIPAA) Enforcement rule, which has caused quite a stir in the industry due to confusion about its applicability.

This is part of my two-part blog series about HALOCHAIN technology. In this introductory blog, you will get a glimpse of SECUDE’s HALOCHAIN technology (Patent Pending) and how it will revolutionize the digital trading business. In my next blog, I will write about how system administrator holds the key to the company’s most critical data and how HALOCHAIN technology can be used to mitigate the risks related to log file manipulations.

Security teams that work in highly regulated industries or build solutions for consumers must adhere to compliance controls and regimes required for their business. One of the most important compliance requirements for many companies is the SOC 2 audit. The SOC 2 audit provides detailed information and quality assurance about essential security factors such as the confidentiality of data under your organization’s stewardship, privacy controls, and many other standards.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, we explore why organizations should implement Zero Trust in 2021. In 2010, John Kindervag introduced the concept of “Zero Trust” which has become a touchstone for cyber resilience and persistent security. Zero Trust is not a security product, architecture, or technology.

Servers are the backbone of an organisation’s IT infrastructure as they provide both information and computational services to its users. And because of their critical role, servers are always a prime target for hackers looking to exploit any vulnerability they can find, leading to data breaches and financial and reputational damage.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. MageCart might have subsided (for now) but now its the turn of a ecommerce stalwart WooCommerce to have a high profile issue.

Google Forms is one of the preferred tools used by cybercriminals to quickly set up and deliver phishing pages. We have seen examples of Google Forms pages mimicking Microsoft Office 365 logins (one of the preferred imitated applications), financial institutions like American Express, and in general any applications. Despite the naïve layout, the tool is flexible enough to build an (un)realistic login page with few clicks.

The recent flurry of supply chain attacks has left a trail of carnage spanning across the globe Because supply chain attacks compromise a higher number of victims with less effort, cybercriminals are unlikely to forgo this efficient attack method without a fight.

As a result of the Covid-19 pandemic, organizations in all industries ramped up their digital transformation efforts to make online operations easier for their employees and customers. But with more and more organizations online, the digital attack surface is growing at a record pace. The more applications with vulnerable code, the more opportunities for a cyberattack. In fact, our research found that 76 percent of applications have at least one security vulnerability.

The onset of ServiceNow has relieved the IT Services workforce. With CloudFabrix RDA added to it, we made it even better. Let’s face it that many IT Service transformation implementations take longer because of a lack of automation around migration and production. The efficiency of ITSM is further compromised due to the absence of data automation and enrichment. ServiceNow with Robotic Data Automation stirs a positive impact on three critical areas of data operations ITSM teams.