Properly closing out construction projects can be a major administrative hassle that takes time away from more productive tasks. Not only do you have to identify and retain your contracts, warranties, and proof of completions, but you also must remove team members who no longer require access to systems and folders. It’s typically a very manual process—but it doesn’t have to be.

Gmail is an immensely popular service, with nearly 2 billion active accounts. And as the service has grown, businesses have turned to it for all kinds of things it was never meant to do: user authentication, password recovery, and perhaps most problematic, the passing of sensitive or regulated data between parties.

Nightfall is a data security vendor that integrates with our customers’ third party applications (Slack, Google Drive, Github, Jira etc) to, on a continuous real-time basis, scan all content being added to these applications for sensitive data.

Aaron McCray, Ignyte’s Chief Operating Officer, is giving a brief overview of the changes to CMMC 2.0, and more specifically its Practice levels vs Maturity levels in the video below. Aaron is a commercial risk management leader by trade and a Commander in the U.S. Navy Reserves.

CIOs are remaking the IT function — no longer will security and developer teams be siloed. Recent survey data from 451 Research, part of S&P Global Market Intelligence, and published by Elastic shows a major shift in who is using application security tools, suggesting that DevSecOps is not just an idea, but a growing reality for IT decision makers. IT decision-makers allocated application security tools to 48% of development teams in 2020, compared to just 29% in 2015.

There’s only one thing that’s certain in cybersecurity: The cyberthreat landscape is constantly changing, and the tools and solutions we have at our disposal to combat cybercrime must continue evolving if we are to stay ahead of — or at least keep up with — them. As 2021 winds down, the Devo security team is already looking ahead to the most pressing cybersecurity trends likely to appear in 2022. Here are my top three predictions for the new year.

The shift to an online-first world, accelerated by the Covid-19 pandemic, has made more consumers choose to shop online than ever before. In 2020, more than 100 million US customers shopped online during the Black Friday weekend, resulting in a 22% increase in online spending. Netacea was interested in how people shopped online, and whether they experienced any Black Friday issues in 2021.

At midnight last Thursday, we experienced one of the most notable infosec events in years. A new zero-day exploit in a popular logging package for Java, Log4j, was discovered. The exact origin and timeline are still being investigated, but it’s important to note that this was not just a vulnerability announcement. The information disclosed was rapidly followed by fully functional exploit code—and the exploit itself turned out to be trivial to execute.

The timing of CISA’s SBOM-a-rama today and tomorrow coincides with the fallout from the “vulnerability of the decade” gifting the industry with yet another example of why scaling and operationalizing the widespread use of SBOMs is so vital. Log4Shell is a 10/10 vulnerability in a hugely popular Java logging library – Log4j – used in virtually every online service. For two decades it was considered harmless, that is until last week when somebody found it wasn’t.