To solve the supply chain security dilemma, producers must get back to security basics. Get best practices for securing your supply chain. Nobody wants to be known as the weak link in the chain—any chain. But too many organizations are at risk of being just that in the digital supply chain because they haven’t made the cyber security of their products a priority. The most recent evidence of that is the SolarWinds/Orion cyber attack that impacted more than 18,000 organizations.

As digital security and data privacy become increasingly caustic issues, regulatory compliance is exceedingly challenging. Not only are various regions implementing unique standards, but industries, municipalities, and platforms are issuing new guidelines as well. While CTOs have many solutions for ensuring system compliance, the human element remains more difficult to oversee, mandate, and manage.

Trying to work out the best security tool is a little like trying to choose a golf club three shots ahead – you don’t know what will help you get to the green until you’re in the rough. Traditionally, when people think about security tools, firewalls, IAM and permissions, encryption, and certificates come to mind. These tools all have one thing in common – they’re static.

With more people working from home, the threat landscape continues to change. Things change daily, and cybersecurity staff needs to change with them to protect information. Threat hunting techniques for an evolving landscape need to tie risk together with log data. Within your environment, there are a few things that you can do to prepare for effective threat hunting. Although none of these is a silver bullet, they can get you better prepared to investigate an alert.

Writing secure code in a way that prevents code injection might seem like an ordinary task, but there are many pitfalls along the way. For example, the fact that you (a developer) follow best security practices doesn’t mean that others are doing the same. You’re likely using open source packages in your application. How do you know if those were developed securely? What if insecure code like eval() exists there? Let’s dive into it.

CloudCasa™, a simple, scalable, cloud-native data protection service that supports all leading Kubernetes distributions and managed services, is now generally available through the SUSE Rancher™ Apps & Marketplace. With increasing adoption of cloud database services, CloudCasa adds cloud database support starting with Amazon RDS to its Kubernetes data protection service – addressing both Kubernetes and RDS support in a single data protection service.

Cross-site scripting (XSS) is #7 in the current OWASP Top Ten Most Critical Web Application Security Risks – and the second most prevalent web application vulnerability. It is thought to exist in two-thirds of all applications.

When it comes to cybersecurity, industrial IT—consisting mainly of operational technology (OT) and industrial control systems (ICS)—has failed to keep up with development in the enterprise IT world. That’s mostly because industries’ adoption of internet technology has been slower when compared with enterprises. It would take some time to close the gap, but concerted efforts have already been made to upgrade the security of industrial IT and improve the efficiency of OT and ICS.

Organizations are increasingly turning to containers to fuel their digital transformations. According to BMC, a 2019 survey found that more than 87% of respondents were running containers—up from 55% just two years earlier. Additionally, 90% of survey participants that were running applications in containers were doing so in production. That was up from 84% in 2018 and two-thirds of surveyed IT professionals a year before that.

For our first specialist interview on the Logit.io blog, we’ve welcomed Scott Steinburg to share his thoughts on the current state of cybersecurity as well as the reasons behind writing his new book Cybersecurity: The Expert Guide. Scott is the creator of the popular Business Expert’s Guidebook series, host of video show Business Expert: Small Business Hints, Tips and Advice and CEO of high-tech consulting firm TechSavvy Global.