Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As of January 17, 2025, all financial entities and their information and communication technology (ICT) service providers catering to EU entities must comply with the Digital Operational Resilience Act (DORA). ‍ If you’re new to the regulation, you can reduce the potential overwhelm caused by its various requirements by using a concise compliance checklist. To help, we’ve created a robust guide that covers everything you should know, including: ‍

Last month, during testimony on global cyber threats before the U.S. Committee on Homeland Security, a longstanding debate resurfaced: Why do vendors name different cyber threat actors, and can’t we directly call out those responsible? Industry veterans will recognize that a discourse on this topic tends to pop up in vendor, media, and public policy circles every few years.

On January 16, 2025, an Executive Order 14144 was issued, aimed at strengthening the nation’s cybersecurity defenses. This order comes at a crucial time – during the fiscal year 2023, U.S. federal agencies reported over 32,000 cybersecurity incidents, reflecting a 5% increase from the previous year.

AI coding assistants like GitHub Copilot are transforming the way developers write software, boosting productivity, and accelerating development cycles. However, while these tools generate code more efficiently, they also introduce new risks more efficiently—potentially embedding security vulnerabilities that could lead to severe breaches down the line. What is your plan for reducing risk from the vast amount of insecure code coming through agentic AI in software development?

With modern businesses increasingly relying on multitenant and multicloud platforms, safeguarding critical data has never been more crucial. Backup as a Service (BaaS) offers a scalable, efficient way to protect valuable assets and ensure business continuity in the face of unexpected incidents.

What’s the difference between an unsupervised toddler with markers and an unsecured CI/CD pipeline? Both look fine at first, but chaos is inevitable. While a toddler might scribble on walls, an unsecured pipeline invites attackers to wreak havoc on your digital assets. Cleaning up after either is tough—prevention is smarter. The CrowdStrike 2024 report reveals that cloud-conscious intrusions skyrocketed by 110% in 2023.