When it comes to evaluating technology in the home, there seems to be no shortage of new devices and shiny gadgets, mainly part of the Internet of Things (IoT), to discuss. Unfortunately, there seems to be no shortage of security issues to consider regarding these same devices, either.

Most organizations have already begun their shift to the cloud. In its Cloud Computing Survey 2020, for instance, International Data Group (IDG) found that 81% of respondents had at least one workload or segment of their computing infrastructure in the cloud. That percentage could grow by the end of the year, as IDG found that 32% of total IT budgets will go to cloud computing—up from 30% in 2018.

Insider threats remain one of the biggest issues plaguing cybersecurity. A study by Ponemon shows that the costs of insider threats leaped 31% in just two years, from $8.76 million in 2018 to $11.45 million in 2020. The same report shows that it takes companies an average of 77 days to contain an insider threat incident. Forrester predicts that insider threats will cause 31% of data breaches by the end of 2021, up from 25% in 2020.

Research from Gartner suggests that, by 2023, more than 60% of the world’s population will be covered by some form of personal data protection legislation. From GDPR to CalPRA, privacy regulations are on the rise. These compliance regimes aim to protect a user’s rights to their data — which, in practice, means that businesses need to implement more effective approaches to security.

There’s an old expression: When you’re a hammer, everything looks like a nail. Therefore, is it right for a security company such as Devo to consider all data security data? Let’s examine that concept. Recently I participated in a panel discussion at the GDS Security Insight Summit Europe with my colleague Dean Robertson who heads solution engineering for Devo in EMEA.

Eight vulnerabilities were discovered in Zephyr’s Bluetooth LE Stack using Defensics Bluetooth LE fuzzing solution.

To say that the past year presented its fair share of cybersecurity challenges to the InfoSec community would be a drastic understatement. The rapid migration to remote work at scale left 80% of CIOs unprepared, and SecOps teams struggled to confront the evolving threat landscape with disparate toolkits and skill sets. Not to mention that as more organizations shifted to hybrid and multi-cloud environments at scale, cloud complexity (and cloud-based threats) skyrocketed.

Insurance companies know how to protect their clients’ homes, cars, and businesses— but protecting the personal information of those customers is a bit harder to assure. While the insurance industry focuses on risk-based analyses for its own underwriting programs, firms also need to apply those same risk management processes to securing customer information.

A SOC 2 system description outlines the boundaries of a SOC report. It contains pertinent details regarding the people, processes, and technology that support your product, software, or service. As a reminder, the SOC framework stands for System and Organization Controls. It is a broad architecture that organizations can use to audit the internal controls of vendors and business partners before entering a relationship with those firms, to assess whether those firms have a robust security posture.

President Joe Biden recently signed an executive order which made adhering to cybersecurity standards a legal requirement for federal departments and agencies. The move was not a surprise. It comes after a string of high-profile cyber-attacks and data breaches in 2020 and 2021. The frequency and scale of these events exposed a clear culture of lax cybersecurity practices throughout both the public and private sectors.