Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As we look at the sporting calendar for 2025 with the UEFA Women’s European Championship in Switzerland and the Tour de France in July, as well as the 2025 Women's Rugby World Cup in the UK starting in August, armchair sportspeople and in-person spectators are spoilt for choice. But aside from the marvel of watching athletes compete to achieve their dreams, the organization (and security) of such events requires meticulous planning, particularly as dates are fixed and immovable.

On April 15th of 2024, ISC² implemented a refreshed set of objectives for the CISSP exam. The goal of refreshing the exam objectives is to keep the exam relevant to the latest happenings in security. As things progress and new technologies are introduced, the objectives are updated to account for them as well as for the latest standards and processes. In this blog, we’ll look at the changes and explore some of the key things to be aware of as you prepare for the refreshed exam in 2025.

Cloud security monitoring refers to the ongoing surveillance, observation, analysis of cloud-based infrastructure and services to detect security threats, patch vulnerabilities, and address compliance gaps. As cloud environments expand, organizations need effective cloud-based security monitoring tools to ensure those resources remain secured.

People come and go within your organization, and those who remain move throughout the organization through promotions and transfers. However, the fundamental organizational structure remains relatively stable: Customer support agent, sales rep, HR manager, and software developer represent enduring functional roles, even as individual employees cycle through these positions.

Personally identifiable information (PII) is any data that can be used on its own or in combination with other information to identify, contact, or locate an individual. Examples of PII include full name, Social Security number, passport number, driver’s license number,r and biometric data.

Identity threat detection and response (ITDR) is a cybersecurity discipline focused on detecting, investigating, and responding to threats targeting identity systems like Active Directory (AD) and Entra ID, identity providers (IdPs), and authentication mechanisms. It enhances traditional identity and access management (IAM) by introducing threat intelligence, behavioral analysis, and automated response capabilities to mitigate identity-based attacks.

Mexico is in the middle of a digital revolution. Nearshoring, cloud adoption, e-commerce expansion, and AI-driven automation have helped transform everything from manufacturing plants in Monterrey to financial institutions in Mexico City. In just the last five years, Mexico has seen explosive growth in digital platforms and smart infrastructure, fueling economic momentum and global competitiveness. But this progress comes with a caveat: the digital acceleration has outpaced cybersecurity readiness.

We’re almost halfway through 2025, yet the cost of a data breach this year has already reached $5.3 million, an 8% increase from last year. This increase in cyberattacks, such as ransomware, has prompted regulatory bodies such as the GDPR, HIPPA, and many others to introduce new data protection laws to protect customer data. One of these is the Data Protection Impact Assessment (DIPA), one of many tools for organizations to prevent data breaches.

Recently, the EU officially launched its vulnerability catalog: the European Vulnerability Database (EUVD). This move has sparked a discussion about the future of global vulnerability tracking. Are we headed toward fragmentation, or is this a healthy step toward decentralization?

In a bold move aimed at safeguarding its AI ecosystem, OpenAI recently disabled several ChatGPT accounts linked to Russian, Chinese, and Iranian threat actors. These malicious entities exploited the chatbot’s capabilities to aid malware development, launch social media influence campaigns, and probe U.S. satellite communications infrastructure.