In the past, we’ve talked a lot about the various FedRAMP guidelines required to reach either a single Authority to Operate or a generalized Provisional Authority to Operate. One thing that can be said to be common to all of these is that, in general, you’re talking about FedRAMP Moderate Impact Levels when you discuss these kinds of standards and certification processes. This is because around 80% of cloud service providers and offerings are classified as Moderate impact.

The world has changed. With the move to hybrid working, the rapid adoption of cloud, increased use of mobile and IoT devices, and more, every organization’s attack surface has expanded and businesses are finding it harder than ever to protect their networks and digital assets. This will undoubtedly be the central theme for this year’s Cybersec Europe.

This week, the SEC issued a statement addressing some of the rampant confusion and inconsistencies observed under the agency’s new cyber breach disclosure rule. The statement itself addresses a technical securities law requirement, that public companies should only use Item 1.05 of Form 8-K to disclose “material” cyber breach information (instead of making voluntary or immaterial disclosures).

Read also: A Russian access broker charged in the US, Coinbase fraudster pleads guilty, and more.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! There certainly has been an increasing number of VPN breaches of late, many of which are SSL based. Time to get rid?

It is a proud and exciting day for me to announce that Bugcrowd has acquired Informer. On this momentous day, I can’t help but take a walk down memory lane, thinking about the past decade of hard work and innovation that led us to this moment. Ten years ago, I founded a specialist penetration testing business called The Security Bureau. As our client base grew, certain patterns emerged and it became clear that many organizations were unsure of exactly which assets were internet-facing.

GitGuardian's Confidence Scorer, a machine-learning model, is being rolled out. Learn how it advances secret detection on GitHub and drives impactful developer alerts.

In today’s digital age, organizations are often crippled by a cybersecurity environment that is fragmented and complex. The jumble of security data — from intrusion detection systems to vulnerability management platforms and more — scattered and isolated across various tools, hinders a unified approach to security.

The cybersecurity industry has seen radical changes over the past year–changes that may alter the trajectory of the industry. In partnership with analyst firm Enterprise Management Associates (EMA), today Keeper announces Information Security and Compliance Future Trends 2024, a report that analyzes recent research and industry data to highlight key shifts in the cybersecurity industry and offer insights into current trends and future directions.

As part of our ongoing partnership and investment in Microsoft, we have deepened our integration with Microsoft's Copilot within Microsoft Teams. This integration expands Copilot's capabilities by incorporating Egnyte as an additional data source. Microsoft 365 Copilot users can now derive valuable insights from documents stored in Egnyte, enhancing the usefulness of both Egnyte and the Microsoft Copilot solution for joint customers.