Every IT admin, regardless of the company size or employee count, shares a common fear: data breaches. The horror of discovering their organization’s data exposed on the dark web, accessible to anyone, is definitely a nightmare. So, IT admins are on the constant lookout for leading solutions that protect access to organization data and manage employee identities effectively. But where does the real challenge lie? In managing the employee identities, or their access to data?

Top tips is a weekly column where we highlight what’s trending in the tech world today and list ways to explore these trends. This week, we’re looking at four machine learning-related risks to watch out for. Machine learning (ML) is truly mind-blowing tech. The very fact that we’ve been able to develop AI models that are capable of learning and improving over time is remarkable.

Establishing a proactive security posture involves a data-driven approach to threat detection, investigation, and response. In the past, this was challenging because there wasn’t a centralized way to collect and analyze security data across sources, but with Amazon Security Lake it is much simpler.

An attack vector, also known as a threat vector, is a way for cybercriminals to gain access to an organization’s network or system. Some common types of attack vectors that organizations need to defend against include weak and compromised credentials, social engineering attacks, insider threats, unpatched software, lack of encryption and misconfigurations. Organizations must identify all of the potential attack vectors and protect their network against them to avoid security breaches.

Imagine someone having access to all your documents, photos, and even your browsing history. It may sound like something out of 1984, but using Google’s products can be a nightmare for your privacy. Despite this, Google Drive has over 200 million active users choosing to store their files with Google. Although Google offers many features with Drive, Chrome, and YouTube, and more,this convenience comes at a cost—your privacy.

In the landscape of modern application development and deployment, Kubernetes has transcended its adoption phase to become a cornerstone technology for organizations worldwide. According to the Cloud Native Computing Foundation (CNCF), a staggering 96% of organizations are actively using or evaluating Kubernetes, with over 5.6 million developers worldwide embracing its capabilities.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! You take a long bank holiday weekend and the (Linux) world falls apart. Ouch.

The role of the Chief Information Security Officer (CISO) has undergone a transformation as profound as the threats we face. Between new regulations such as SEC, NIS2, and DORA, the explosion of generative AI, and the rapidly expanding attack surface, the burden is now on cybersecurity leaders to not only protect the organization but build confidence with customers, regulators, board members, and other stakeholders. The key to building trust? Storytelling.

Let’s not waste time. You’re here because you’re building a webhook feature in your app. Unfortunately, there are quite a few things that can go wrong from a security perspective. This article aims to ensure that you’re not making any well-known mistakes while building webhooks.

A look at the recently discovered backdoor hiding in the open source XZ Utils compression service.