This is the fourth of a six-part blog series that highlights findings from a new Mend white paper, Five Principles of Modern Application Security Programs. Be sure to look out for our upcoming blogs on each of the five principles. With new headlines every day about organizations that have been targeted by cyberattackers, it’s not surprising that 75 percent of organizations assume they’re likely to have a breach in the next three years.
With over 300 vendors exhibiting at KubeCon + CloudNativeCon North America 2022 (which is the long and official conference name), there was no shortage of early-stage vendors (230 at the silver and startup sponsor level) to visit for the 7000 attendees. Observability and security solutions were popular for the early-stage exhibitors.
Earlier this year, Splunk sponsored the report, "SOC 2025: The Future of Security Operations Centers" from Securosis, which is based on previously published blogs by analyst and president Mike Rothman (now with Techstrong Research).
Homomorphic encryption brings a whole new paradigm to encrypting data. In this article, I’ll explain homomorphic encryption, including.
Compliance is an essential aspect of every organization, and in business terms, it entails ensuring that organizations of all sizes, and their personnel, comply with national and international regulations, such as GDPR, HIPAA, and SOX. When guaranteeing compliance, many firms frequently overlook security. Gary Hibberd states that compliance with laws or regulations is only the starting point for cybersecurity.
Every year has been an unfortunate year for online privacy for the past few years. Data breaches and social engineering attacks are at an all-time high, and the concept of online data privacy is challenged to its core, with millions of users being affected every month. IBM’s Cost of a Data Breach Report highlighted that the average data breach cost increased 2.6%, from USD 4.24 million in 2021 to USD 4.35 million in 2022.
As everyone has surely heard by now, Elon Musk has bought Twitter. The controversial tech maverick's takeover of the site has caused some consternation for the site's users, employees, and advertisers - and has also proven a golden opportunity for scammers. Numerous verified Twitter users have reported receiving phishing emails from fraudsters, purporting to be a legitimate message from the website.
Cybersecurity is front and center as part of our national defense strategy. Civilian networks responsible for life-sustaining services such as water and power must be protected with the same vigor as networks that host sensitive data. To accomplish this the Department of Homeland Services developed the Continuous Diagnostics and Mitigation (CDM) program in 2012.
The OpenSSL project has announced two security vulnerabilities tracked as CVE-2022-3602 and CVE-2022-3786. The good news is that these vulnerabilities are unlikely to facilitate remote code execution as originally anticipated, and only OpenSSL version 3.0.0 and later are impacted. The bad news, however, is that even though the remote control is unlikely, it’s still possible.
