As digital transformation continues to multiply pathways to personal data, complete GDPR compliance is getting harder to attain. Whether you’re a data protection officer or a cybersecurity professional helping your organization remain compliant, this blog suggests advanced GDPR compliance strategies you may not have yet considered - beyond that delightful cookie consent notice we all love.

Supply chain cybersecurity and resilience have become pivotal across various cyber regulations, most notably NIS2 and DORA. In this blog, stemming from our latest ebook '5 Proven Strategies to Maximize Supply Chain Cyber Risk Management’, we will explore the reasons why resilience is a new mandate for CISOs today and, most importantly, how to secure the supply chain at scale—in line with evolving regulatory requirements.

As your business evolves to serve more users, your applications and infrastructure will generate an increasing volume of logs, which may contain sensitive data such as credit card numbers, IP addresses, and tokens. When you collect sensitive data, you may be subject to laws such as GDPR—which restricts the transfer of personal data across borders, and you may face legal consequences if this data is exposed outside your infrastructure.

April 16, 2024: UnitedHealth Group, parent of Change Healthcare, reported on April 16, 2024 in its Q1 results a negative impact of $872 million “in unfavorable cyberattack effects” due to cyberattack direct response costs and the business disruption impacts. The company anticipates additional costs associated with the attack.

When looking for sensitive information and other valuable assets, attackers rarely access their target directly. Instead, they find vulnerabilities in other components and use them to weave through the system and escalate privileges where they can. Because containers add a layer of complexity to already large and complex applications, the attack surface is increased, giving threat actors more to work with.

As the premier hub for recognizing excellence in the Internet of Things (IoT), IoThinkTank’s awards highlight the creativity, innovation, and dedication of leaders within the IoT ecosystem.

A hacker known as "IntelBroker" has purportedly breached Space-Eyes, a geospatial intelligence firm, potentially exposing sensitive US national security data. Authorities are currently investigating the claim, recognizing the potential ramifications it could have on critical government operations.

In any system, it’s important to know who is trying to gain access, whether successful or not. This is especially important when trying to keep something secure, like a network or confidential data. Ensure ‘Audit Credential Validation’ is set to ‘Success and Failure' keeps track of attempts to access a system, whether successful or not, using specific credentials, such as a username and password, and logs it.

The Payment Card Industry Data Security Council created PCI DSS as the global standard for protecting payment data. The PCI DSS is the compliance stick to which entities that transmit, store, handle, or accept credit card data of any size must adhere. Recently, PCI DSS came up with version 4.0. In this blog, we delve deeper into the new version and explain why securing APIs is critical for PCI DSS compliance and how organizations can do so.

Organizations are increasingly concerned about high-profile employees’ information being exposed on the deep and dark web. The CrowdStrike Counter Adversary Operations team is often asked to find fake social media accounts and personally identifiable information (PII) that might be exposed. Impersonations and leaked PII can unravel lives and ruin the reputations of individuals and their organizations.