Five worthy reads is a regular column on five noteworthy items we have discovered while researching trending and timeless topics. This week, we will explore the pivotal role of the AI trust, risk, and security management (AI TRiSM) framework in safeguarding the functionality of AI and understand why it is crucial for our protection. Any relationship needs to be fortified with trust to be successful. The human-AI relationship is not an exception.

According to the data collected by Netskope Threat Labs, over the course of 2023, OneDrive was the most exploited cloud app in terms of malware downloads. And if a good day starts in the morning, 2024 does not promise anything good. In fact, at the beginning of January, and after a nine-month break, researchers from Proofpoint detected a new financially motivated campaign by TA866, a threat actor characterized for being involved in activities related to both cybercrime and cyberespionage.

Third-party risk management (TPRM) software is essential for any organization that utilizes third-party providers. If not monitored and managed, third-party vendors pose significant risks to the companies they work with, including cybersecurity, operational, financial, and legal/regulatory/compliance risks. TPRM software works seamlessly to help reduce this risk and provides your organization with ongoing monitoring to address vulnerabilities before they become significant security incidents.

Cloud-based solutions are becoming increasingly common in businesses across industries. Utilizing the cloud allows organizations to seamlessly access data across devices and users, making operations more efficient using digital transformation. However, cloud solutions also present many security concerns, increasing the need for cloud security.

The National Institute of Standards and Technology (NIST) developed the NIST 800-171 framework to set guidelines and security requirements for protecting controlled unclassified information (CUI). NIST first created the framework in June 2015 but has since revised the publication several times, most recently in November 2023.

When planning a hardening project for information security, there are two types of impact analysis to consider – policy impact analysis and security impact analysis. Policy impact analysis refers to generating a report that indicates each policy rule’s impact on your production. It is especially important for avoiding system downtime caused by configuration changes. The second type of impact analysis is Security Impact Analysis.

Network segmentation, software patching, and continual threats monitoring are key cybersecurity best practices for Industrial Control Systems (ICS). Although ICSs significantly improve health and safety by automating dangerous tasks, facilitating remote monitoring and control, and activating safety protocols in the case of emergency, they’re increasingly exposed to cybersecurity threats.

A pair of round number milestones has made me deeply reflective about my life and that of Rubrik. In October, I turned 50. And ten years ago today, my Co-Founders and I started Rubrik. I want to talk more about the second landmark first because it’s not just a personal watershed but a notable one as well for our customers, partners, colleagues, and investors. Let me take you back to Monday, January 27, 2014, which seems like yesterday and long ago at the same time.

Macro technology trends have always impacted and influenced every aspect of the retail industry. From the days of catalog ordering and cash only transactions to today’s personalized, always-on omnichannel experiences where contactless payment has become the norm - the world of retail is almost unrecognizable.