Active Directory is the central directory service created by Microsoft which helps manage users, computers, and other resources within a Microsoft Windows network. It is used to track devices, access and passwords of each employee and store in one central vault. The biggest advantage of Active Directory is it allows organizations to customize data organization, manage user accounts, and control access through group policies.

If you’ve paid attention to recent cybersecurity trends, you know that monitoring your supply chain is important due to the surge in supply chain attacks. But who, exactly, is responsible for that monitoring? Traditionally, the answer has been GRC (Governance, Risk and Compliance) teams, who monitor supply chains to help protect organizations against third-party risks.

The digital supply chain refers to the chain of third-party digital tools, services and infrastructure that your company depends on for a particular first-party service (such as your website or SaaS platform). In an ever-changing digital landscape, supply chains can be brittle with many unseen risks. The nature of supply chain risk is transitive; any part of the often long and complicated digital supply chain can be compromised, causing all components downstream of it to also be compromised.

Generative AI tools like ChatGPT and Google Bard are some of the most exciting technologies in the world. They have already begun to revolutionize productivity, supercharge creativity, and make the world a better place. But as with any new technology, generative AI has brought about new risks—or, rather, made old risks worse.

Retrieval-Augmented Generation (RAG) is a cutting-edge strategy that combines the strengths of retrieval-based and generation-based models. In RAG, the model retrieves relevant documents or information from a vast knowledge base to enhance its response generation capabilities. This hybrid method leverages the power of large language models, like BERT or GPT, to generate coherent and contextually appropriate responses while grounding these responses in concrete, retrieved data.

Cyberattacks on the automotive industry are becoming more sophisticated. In its 2024 Automotive Cybersecurity Report, Upstream found that 50% of all automotive cyber incidents in 2023 had a high or massive impact. Similarly, 95% of all attacks in 2023 were executed remotely, and 37% of attacker activities in the deep and dark web target multiple original equipment manufacturers (OEMs) simultaneously.

Predicting when a cyberattack will happen is a lot like forecasting the weather: It’s impossible to know with certainty exactly how events will play out. But with the right strategy and information, you may be able to predict cyberattacks before they start, or catch them in their beginning stages. We explain the early warning signs of each attack technique, as well as how to assess available data to determine how likely a cyber attack is to happen.

The CIS Benchmarks cover a collection of recommended hardening policies specifying different hosts, applications, and operating systems that include detailed recommendations on system configuration, security settings, and other measures that can help organizations safeguard their IT infrastructure against a wide range of cyber threats. The benchmarks cover various platforms and technologies such as operating systems, cloud environments, databases, web browsers, and mobile devices.

Hardened Baseline Configuration is a crucial aspect of system security for cybersecurity experts and the risk management teams. The secure baseline configuration represents a set of security controls that have been carefully selected and implemented to provide a robust general level of system hardening. There isn’t a one-size-fits-all solution, and specific configurations will vary depending on the type of system (server, desktop, etc.), role and its intended use.