In this blog post, I will be talking about label standard and best practices for Kubernetes security. This is a common area where I see organizations struggle to define the set of labels required to meet their security requirements. My advice is to always start with a hierarchical security design that is capable of achieving your enterprise security and compliance requirements, then define your label standard in alignment with your design.

In this guide, we are covering the facts that you need to know in order to prepare your business to tick off the necessary boxes required to meet CMMC compliance.

Defending against loader-type malware is crucial to avoid a potential ransomware incident, given the fact that is the foothold of the attack kill-chain related to ransomware tactics, techniques and procedures (TTPs). Two of the most recent malware loaders to emerge are SquirrelWaffle and MirrorBlast. While SquirrelWaffle delivers Cobalt Strike payloads to victims, MirrorBlast uses novel techniques to gather intelligence and drop malicious payloads onto devices.

In this blog post, ProcessUnity, the leading provider of Vendor Risk Management software and Cybersecurity Program Management software, covers key strategies for addressing third-party cyber risk. Modern cybersecurity programs need to evolve rapidly to navigate new challenges, such as the COVID-19 pandemic and high-profile cyber attacks.

Today, many organizations look at information security and governance as a baker would icing on a cake. Something you apply at the very end, mostly to make it look better and add a bit of flavor. It isn’t a structural component or key ingredient, its simply there to cover up the raw product. As can be expected, icing cannot save a cake that’s missing key ingredients like sugar, or eggs.

The proliferation of cyberattacks targeting the financial sector has forced the establishment of several mandatory cybersecurity regulations. Though often considered an unnecessary burden on security teams, regulatory compliance is one of the most effective strategies for keeping financial services accountable for their security posture. Cybersecurity regulations must be malleable to remain relevant in a rapidly evolving threat landscape.

What is it like to not only be a CISO but to also be one in a large, global organization? I recently had the pleasure of speaking with Mark Ruchie, CISO of Entrust, a global tech firm securing data, payments and identities.