
Latest News

What Is Password Rotation?

Password rotation is the practice of changing and resetting passwords at regular intervals to minimize security risks and unauthorized access to private information. There are two main types of password rotation: manual and automatic. Manual password rotation refers to the process of changing a password yourself, while automatic password rotation relies on a system to generate a new password and replace the old one.

Top Strategies for Preventing Accidental Data Shares in Real Time

In today’s cybersecurity landscape, it’s not enough to guard against external threats. Employees have access to so much sensitive information and so many ways to share it that it’s easier than ever to leak data accidentally. These accidental data shares can jeopardize your organization’s compliance standing, expose your systems to threat actors, and cost you business. Everyone makes mistakes.

Protect against identity-based attacks by sharing Cloudflare user risk scores with Okta

Cloudflare One, our secure access service edge (SASE) platform, is introducing a new integration with Okta, the identity and access management (IAM) vendor, to share risk indicators in real-time and simplify how organizations can dynamically manage their security posture in response to changes across their environments.

Are we getting better at data breaches? Security expert Troy Hunt weighs in

It’s a concern for families everywhere: keeping kids safe online. For parents with teenagers, there’s the added complication of trying to balance a child’s safety with their right to privacy. But is online safety just families’ problem?

How to Conduct a Cybersecurity Risk Assessment for In-Depth Insights

A cybersecurity risk assessment, or cyber risk assessment, is a standardized process that organizations have established along with their implementation of cloud-based technologies to discover the accompanying vulnerabilities and threats. These assessments leverage the available, relevant data to identify the likelihood of various cybersecurity events occurring along with the potential impact should they come to fruition.

Five Challenges of National Information Assurance and How to Overcome Them

The National Information Assurance (NIA) Policy is a framework for offering organizations a foundation for information security management. It was designed and developed to aid organizations with the necessary steps to ensure information security, from assessing and classifying risk to choosing and implementing controls for mitigation.

Best Penetration Testing Tools for Enterprises

Penetration testing tools are necessary for enterprises that want to protect their applications from real-world cyber attacks. These tools identify vulnerabilities that could lead to breaches, like the 2017 Equifax data breach. These specialized tools help identify gaps in software security posture by simulating real-world attacks that vulnerability assessments may not fully expose.

It's 2024 and the API Breaches Keep Coming

APIs are built expressly to share a company’s most valuable data and services. This makes them a lucrative target for bad actors. We’ve already hit the tipping point — APIs are now THE way in. Salt Security’s 2024 State of API Security Report revealed that the count of APIs is increasing, having gone up by 167% in the past year. 95% of respondents have experienced security problems in production APIs, with 23% having experienced a breach.

Staying Ahead of The Threat Landscape with Automated Detection (Part 1)

Cybersecurity teams are seeing a strong transition toward more open and collaborative intelligence sharing. This shift stems from the recognition that no one organization can fight the multitude of threats alone. But despite this progress, a critical gap remains in post-incident intelligence sharing.

Securing CAD files along the supply chain with HaloCAD

Nowadays, the digital supply chain is both essential and vulnerable. According to Pinsent Masons' annual cyber report, supply chain breaches were the most common form of cyber incident in 2023, occurring in one third of cases (up from 5% in 2022). Meanwhile, Gartner predicts that almost half (45%) of global organizations will suffer a digital supply chain attack by 2025.