Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The cybersecurity landscape is witnessing a phenomenon that has come to be known as the “Great Resignation” among Chief Information Security Officers (CISOs). The challenges faced by CISOs in coping with ever-increasing regulations, compliance mandates, and the need for skilled resources have reached a tipping point. Coupled with a lack of cooperation from the C-suite, these factors have led to a surge in burnout among CISOs.

Supply chain security has been a top concern for risk management leaders ever since the high-profile attacks to SolarWinds and Log4j took place. While there's no one-size-fits-all way to identify, assess, and manage cyber risks in the supply chain, MITRE's System of Trust Framework offers a comprehensive, consistent, and repeatable methodology for evaluating suppliers, supplies, and service providers alike.

Attack surface management is certainly a concern for most organizations, but being top of mind does not mean it's easy for organizations to understand or implement. Unfortunately, there are many misconceptions about how hard managing one's attack surface is, so let's deal with five of the most common fallacies. The fact is attack surface management is a lot easier said than done and to be effective, attack surface management demands a strong base of 'cyber hygiene'.

Cybersecurity has risen to become a major concern for nearly every industry. With the constant stream of news about the escalating numbers of breaches, it is understandable that governments have taken a more active role by passing cybersecurity and privacy legislation. Some of the industries are not top of mind to many people. For example, few people are aware of all of the industries that make up the 16 sectors of critical infrastructure.

Insider threats are an updated version of the wolf in sheep's clothing - the people we rely on to safeguard systems and data can sometimes be the ones who pose the greatest risk. From malicious actors to negligent employees, insider threats come in many forms and can have devastating consequences for organizations of all sizes. Who’s an Insider?

While it might seem initially abstract, sustainability and data security are symbiotic. Allow me to explain. Regardless of the action or industry, critical data touches everything. Whether data is being used in pharmaceutical research, financial records, or intellectual property, securing it is the common imperative. This is especially true as it moves through various access points, the cloud, applications, the web, and various other transactions.

The digital world has brought advancements in all sorts of life. The applications communicate with each other over the internet to deliver effective service. API is an application language that interacts with the application server to extract the client’s intended information and produce it readable. It is estimated that the global API market will reach about 13.7 billion US dollars by 2027. This user-friendly software makes the business organization widely adopt it to enhance their growth.

Since a lot of our customers build and run their applications in AWS, our partnership and joint solution delivery with AWS provides enormous value. We’re excited to share that we’ve deepened our ties to AWS in two compelling ways, by achieving AWS WAF Ready Status and earning AWS Security Competency. Salt is the first and only API security company in both of these vital AWS programs.

The UK government’s Security Policy Framework (SPF) outlines the expectations and requirements for security measures to be implemented across UK government departments, and external agencies handling government information and data assets. The framework covers various aspects of information security, including governance, risk management, technology and services, and culture and awareness.

Many companies are concerned by the uptick in insider risk that’s come with the work-from-home boom. By one estimate, 58% of office workers work from home at least one day a week. This trend creates blind spots for companies. Managers see their employees less often, people work off network and on personal devices, and they keep schedules that don’t adhere to the previous more predictable hours.