Businesses been forced to step up their approach to security and privacy in the past few years due to: This growing digital complexity has led to the evolution of three vital executive-level positions: CIO, CISO and CPO — the Chief Information Officer, the Chief Information Security Officer and the Chief Privacy Officer. As three separate executive-level positions within companies centered around technology and cybersecurity, the lines between CIO, CISO and CPO can get blurry.

After having accelerated cloud and digital transformations during the pandemic, manufacturers might be forgiven for wanting to take a pit stop. But there is no time to slow down and rest on their laurels. On top of inflation, energy price shocks and economic uncertainty the technology landscape is shifting, faster than ever before — and so are the new kids on the block such as massive cyberattacks and sustainability imperatives.

Freshen up how you build security into the software pipeline. In this article, we’re looking at the seven core principles of DevSecOps: Let’s get started.

If you are a fan of superhero movies like me, the assembling of the Avengers or Justice League at a pivotal moment to take on the villains is one exhilarating experience. That the collective strength, rather than individual brilliance, saves the day is a common them in most films of this genre. And the same can be applied to any organization that comes face to face with a major cybersecurity incident such as an enterprise-wide ransomware attack or a massive DDOS attack: the teams save the day.

A critical part of an organization’s overall cybersecurity strategy, Attack Surface Management (ASM) helps organizations to: This article describes ASM is, including why it is needed and how it works. At the end, I’ll discuss how software solutions can automate attack surface management. (This article was written by Shanika Wickramasinghe. See more of Shanika's contributions to Splunk Learn.)

Ransomware is the type of malware that locks you out of your own computer until you pay a ransom. This digital extortion is one of the most serious security threats facing the Internet today. Ransomware not only impacts unsuspecting Internet users, but business organizations, government institutions and even critical services such as utility, healthcare and emergency facilities. Ransomware has been around for many years.

Triple Data Encryption Standard (Triple DES) is a symmetric block cipher-based cryptography standard that uses fixed length keys with three passes of the DES algorithm. As a symmetric cryptographic scheme, DES implementations rely on the same secret keys shared between the sender and the recipient. As we’ll see later, Triple DES was developed as a way to prevent man in the middle attacks. Let’s take a look at Triple DES — and we’ll start first with DES.

Cryptography is used to secure data at rest, stored in servers, and in motion, transmitted over the network. Cryptography involves mathematical operations that convert the original plaintext into an unintelligible ciphertext (encryption) and the reverse process, converting ciphertext to plaintext (decryption). Cryptographic algorithms apply these algorithms in combination of keys, which serve as a secret knowledge to complete the algorithmic operations correctly.

Threat hunting and detection are two major prevention strategies in modern cybersecurity systems. Both strategies help identify potential threats to the organizations — though they take different approaches to threat identification. This article explains the difference between threat hunting and detection, so you know what to focus on for your organization’s cybersecurity strategy.

The mathematical properties and concepts of elliptic curves are used in asymmetric key exchange cryptography schemes. Common applications include: In this article, we’ll take a deep dive into elliptic curve cryptography. We aim to take a digestible, slightly less academic look that still thoroughly explains this technical topic. For something a little lighter, explore our introduction to cryptography.