Compromised secrets and credentials are the most common cause of data breaches and are often left unmanaged. In the past year alone, we’ve seen sustained growth in supply chain attacks and security incidents impacting the security of secrets stored in code repos or unknowingly shared within SaaS applications. Because of this, there is a compelling need for reliable, accurate, and actionable secrets detection for modern organizations.

It’s old news, but data is – and will remain for the foreseeable future – king. It has to be dealt with and handled responsibly, assigned to the right boxes, and stored properly. Why? Because everyone wants it, and there are increased efforts to obtain it by ever-more sophisticated and subtle bad actors. You wouldn’t put a piece of junk mail in a high security vault. Nor would you trust a crown jewel to a locked desk drawer.

The Australian Security Legislation Amendment (Critical Infrastructure Protection) Act 2022 (SLACIP Act) and Systems of National Significance (SoNS) regulations are aimed at improving the resilience and risk management practices of Australia’s Critical Infrastructure sector and making it easier for organisations and governments to securely share information.

Companies accumulate massive amounts of data, whether it is intellectual property or customer and employee information. Data is a critical asset: it’s undeniable. If your business users have appropriate access to data, they can perform their jobs more efficiently and effectively, and they can analyze the data to derive key business intelligence that drives better business decisions. But if data isn’t protected from breaches, it can also be a liability.

Cyberattack prevention and remediation cost time and money. Are there ways to get a better return on your cybersecurity investments? What business processes or technologies will not only reduce those cyber risks but also save you time or money? This piece addresses those questions with a focus on data breaches.

Nigerian authorities have made great strides in data security, and businesses worldwide are taking notice. If you're planning to launch a mobile app in Nigeria, it's crucial that you understand the importance of app security and take steps to ensure that your app meets Nigerian data privacy requirements. We’re aware that data protection can be overwhelming as it requires a holistic approach that incorporates legal, administrative, and technical safeguards.

Cybersecurity professionals are tasked with the difficult job of protecting their organization's data from malicious actors. To achieve this goal, zero trust security has become an essential tool for organizations. But what exactly is zero trust? In this post, we’re going to separate signal and noise by disambiguating the term zero trust. We’ll talk about what it is, why it matters, and key takeaways you should have regarding the state of cybersecurity in 2023.

In “Developers don’t care about (data) security!” I dive into why that title isn’t necessarily accurate, but what is true is that developers don’t care about compliance—and by extension privacy regulations. Not because they don’t care about the underlying issues, but because the rules are murky and confusing.

A common topic in our blog is the threat that insiders pose to an organization’s sensitive data. Why? ‘Insider threats’ continue to pose the biggest threats to intellectual property (IP) and military secrets. Insiders, including contractors, need access to sensitive information to do their job, but to what extent? How can we prevent sensitive information from being exfiltrated by malicious insiders?