Five worthy reads is a regular column on five noteworthy items we have discovered while researching trending and timeless topics. This week’s article elucidates what non-human identities are and why they are garnering attention today. Undoubtedly, today’s digital environment is burgeoning with technological advancements across various spheres, and cybersecurity is no exception. We are in an era where automation, cloud computing, and AI play a more critical role than humans.

Security teams are juggling 25+ different security tools that perform different actions across detection, investigation and response. Look up an IP here, send malware to a sandbox there, block an executable over there. What’s worse is that the vast majority of those actions are being performed manually. This approach is simply too slow against fast-moving attackers and malware, and it certainly isn’t sustainable.

Thanks to ChatGPT, you’ve probably heard a lot about generative AI technology over the last few years. Generative AI is artificial intelligence technology that works by taking input data like a request, processing it through different algorithms, and producing an output based on learned patterns. ChatGPT is a generative AI chatbot. 91% of security teams use generative AI, but 65% don’t fully understand the implications.

NISPOM is an increasingly important part of the regulations surrounding work as a government contractor and is especially critical if you handle classified information. It’s also a lengthy and detailed part of the Federal Register and is complex enough that it often takes a specialist to know what’s important and what’s required. So, let’s talk about it.

Mobile devices now account for more than half of all web traffic, and that number seems poised to increase over the next few years. Between the Apple App Store and Google Play Store, there are already more than 5 million applications available — and not all of them are safe. A smart mobile app security strategy can mitigate some of the threats that come from unauthorized, misconfigured, or malicious software.

Do you know how secure your organization’s mobile devices are? You may have a handle on your on-premises device and network security, but the rise of remote employee access and bring-your-own-device (BYOD) policies has created new security challenges. Many organizations rely on endpoint detection and response (EDR) solutions to keep their traditional endpoints secure, but these solutions often don’t prioritize mobile endpoint security.

Smartphones and tablets can be invaluable tools in the workplace. They can also be tempting targets for cyber threats. Mobile attacks are on the rise, and outdated operating systems and misconfigured devices only exacerbate the issue. To protect your data, your users, and your organization’s digital integrity, you need a comprehensive mobile vulnerability management process.

Cybersecurity and operational resilience are paramount for organizations, especially those handling sensitive information. Three prominent compliance standards— the US CMMC 2.0, the Australian CORIE, and the EU’s DORA —address these needs in different sectors and regions. This blog will compare and contrast these standards, highlighting their unique features, similarities, and differences.

Multi-Category Security Translation Service (MCSTrans) daemon provides category label information to client processes requesting information. The label translations are defined in: /etc/selinux/targeted/setrans.conf Run the following command and verify mcstrans is not installed.

Businesses need strong cybersecurity steps because threats are always changing. As cyberattacks get smarter and happen more often, it's more important than ever to have good security processes. SOC Support Consulting is becoming an important part of improving cybersecurity because it gives companies the knowledge and tools they need to quickly find and stop threats.