Before this particular bit of news sails downstream, internal control professionals might want to note that an SEC commissioner spoke this week about the importance of internal controls for cybersecurity. She raised a few points worth considering. The remarks came from Caroline Crenshaw, a Democratic appointee to the Securities and Exchange Commission who, in my opinion, is something of a stalking horse for SEC policy.

NIST is the abbreviated name of the National Institute of Standards and Technology. It’s one of many federal agencies under the U.S. Department of Commerce, and is one of the oldest physical science laboratories in the United States. The agency develops technology and security policies that help drive innovation in science and technology-related industries; and better prepares those industries to meet the requirements of the Federal Information Security Management Act (FISMA).

Another busy month for the team at LimaCharlie. Some of the highlights include the introduction of a new sensor type and our SOC 2 Type 2 certification. I will also take this opportunity to invite you to our first ever dev stream. Join the team at LimaCharlie for an interactive living room style discussion about all that has happened in the last year. Meet the team, learn about new features and the thinking behind them, as well as getting a glimpse of what is coming.

The new year is approaching, and recapping the features and enhancements ADSelfService Plus realized in 2021 is fitting. The integrated self-service password management and multi-factor authentication (MFA) solution for Active Directory and cloud applications added many exciting new features and enhancements. In 2020, the major features released by ADSelfService Plus, like MFA for VPN and conditional access, focused on tackling the security issues that arose with the shift to remote work.

We just open sourced our Kubernetes controller for the Styra Declarative Authorization Service (DAS). If you are interested in managing OPAs via Styra DAS via Kubernetes, read on.

Several of the digital twin technologies out there have grown fast in only a few years. Picture establishing a virtual model of IT infrastructure where one can identify loopholes, create attack scenarios, and prevent catastrophic attacks before the system is officially put in place. Using digital twins, it's no longer a silly idea for organizations to follow. Let's get knowledge of Digital Twin technology and how it can help to assess the loopholes in your security posture.

Military general and philosopher Sun Tzu once led the largest armies in the world and authored The Art of War, still considered a masterpiece of tactical warfare and very relevant as we wage our battles against evolving cyberattacks. That’s because even though threat intelligence is a relatively new discipline in our cyber defense processes, it has actually been around for more than 2,500 years.

We are very excited to announce that Snyk has achieved AWS Security Competency status, further validating our commitment to security excellence in partnering with AWS!

The Data Protection Act is an important part of the cyber domain and legislation for anyone working in health and social care. It governs how to protect the information in health and social care. This blog post will explore the implications of the act on healthcare professionals, patients and other individuals who may have dealings with you as an organisation or individual providing care to others and the importance of protecting sensitive data in health and social care.

During the past month, the following notable high-severity vulnerabilities have been observed. It is recommended that those using affected products take immediate action to assess their exposure and patch and/or remediate as necessary.