As anyone who has built or introduced a new project or product knows, success doesn’t happen overnight. It takes time and patience. When we first started the Open Policy Agent (OPA) project in 2016, we didn’t just spend all of our time on code — a lot of it was spent building awareness around the project and the community. As OPA started gaining traction, we were encouraged every time we’d hear a developer talk about OPA at a conference or mention it in a blog post.

EU representation isn’t a new thing – it’s a core component of the GDPR – but it has become something that UK companies need to be aware of post Brexit. Up until 31st December 2020, UK companies didn’t need to worry about having an EU representative, as the UK was a part of the EU. Now things have changed, and many UK businesses need to find an EU data representative in order to maintain compliance with EU GDPR.

The Australian Cyber Security Center (ACSC) strongly advises against paying ransoms of any amount to cybercriminals. In some circumstances, these payments could even be illegal. The Australian government is tightening its cybersecurity regulations to align with the United State's new stance on nation-state threats. As a result, there have been significant changes to how Australian businesses are expected to respond to cyberattacks.

The percentage of open source code in the enterprise has been estimated to be in the 40 percent to 70 percent range. This doesn't make the headlines anymore, but even if your company falls in the average of this range, there is no dearth of work to do to clean up, comply with AppSec policies, and ship the product. Phew! So where do you start when it comes to resolving all the vulnerabilities uncovered in your open source libraries?

Digital transformation is at the heart of every industry. There are no longer any industries that are immune to the rapid adoption of this movement. When we think of the construction industry, we may think back to an image of ironworkers sitting over a city and enjoying a lunch break on a construction beam. However, rapid digitalization has transformed the construction industry and will continue to drive change and encourage innovation.

Cybercriminals use ransomware to block organizations from accessing their critical business data to extort ransoms. Data encryption protects data wherever it resides. The encrypted data becomes obsolete as encryption makes it difficult for the ransomware to detect it and attack. A good data backup & restoration strategy and a DRM solution are the key factors when companies want to respond to ransomware attacks. These allow companies to restore the data encrypted during the attack.

Creating a secure software development life cycle can lower risk, but security must be embedded into every step to ensure more secure applications. On May 6, 1937, the Hindenburg airship burst into flames while docking, causing 35 deaths and bringing the airship era to a sudden close. In hindsight, it seems tragically obvious. Fill a giant bag with highly flammable hydrogen gas and trouble is bound to follow.

We have a saying at Splunk. It goes something like “if you’re ever having a bad day, go and talk to a customer”. What organizations around the world are doing with their data and Splunk brings a huge smile and an eyebrow raising, positive “can’t quite believe you’ve done that” very-impressed nod of the head. That’s never more true than with our security customers.

Most businesses today understand that cybersecurity should be a central part of their operations. Still, more often than not, professionals view security as an extra feature, something to add on after settling everything else. This has been the predominant approach for years, and it’s part of why so many companies find themselves vulnerable. Rising cybercrime has made the need for change increasingly evident, and many companies are responding.

The goal of system hardening (or security hardening) is to reduce the attack surface. It includes reducing security risks and removing potential attack vectors. By removing superfluous programs, accounts functions, applications, ports permissions access etc., the reduced attack surface means the underlying system will be less vulnerable, making it harder for attackers or malware to gain a foothold within your IT ecosystem.