Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

India’s Digital Personal Data Protection Act, 2023 (DPDP Act) is finally moving toward activation. In January 2025 the government published the Draft Digital Personal Data Protection Rules, 2025 for public consultation to operationalize the Act. As of late 2025, the Act is enacted but core provisions still await final notification, so a phased rollout remains likely.

I talk to VPs of Building Technology every single day, and the common thread I hear is this: managing your “smart” portfolio feels way too hard. You’ve invested heavily—locks, cameras, thermostats—but the tech stack still feels like a mess of disconnected systems.

Climate change is no longer a distant threat; it has become a defining issue of our time. Rising global temperatures, unpredictable weather patterns, and shifting socio-economic landscapes are reshaping how businesses operate and how governments serve their constituents. In the midst of these enormous challenges, there is one undeniable truth: resilient growth hinges on the capacity to understand, manage, and adapt to climate change risk.

API Security Evaluation Checklist In the first half of 2025, APIs have emerged as the primary focus for attackers. Unlike traditional broad attacks on websites, threat actors are increasingly exploiting vulnerabilities and launching DDoS attacks on APIs, which are often harder to secure and manage at scale. Key insights from the State of Application Security Report H1 2025.

Cybercrime is growing at a rapid pace, and ransomware has become one of the most significant threats to businesses today. These attacks spread quickly across networks using strong encryption and target companies of all sizes. Security leaders, such as CISOs and CIOs, now carry far greater responsibility. They need to protect digital assets, manage crises, and maintain business operations even in the event of an attack.

On July 25, 2025, St. Paul, Minnesota, suffered a digital crisis. Initially, it looked like a few irregular system alerts. In reality, it was a coordinated ransomware attack by the notorious Interlock gang. This gang has been on the radar of federal investigators for quite some time. The St Paul cyber attack forced the city to shut down its networks and suspend online services. People switched to paper-based operations to prevent further damage.

FedRAMP is the federal government’s framework for evaluating and enforcing standardized security across the cloud service providers operating as contractors. They take security seriously, and the protection of controlled information is their top priority. A key part of validating the security of a CSP is the SAR, or Security Assessment Report. What is the SAR, and how do FedRAMP agencies evaluate SAR submissions?

The US Department of Justice’s new Data Security Program (DSP) requires organizations to treat large collections of U.S.-person and government-related data as matters of national security.

Most HIPAA violations now involve websites and tracking technologies. Standard website tools like analytics, pixels, session replay, and chat create regulated data flows that many teams have never instrumented or reviewed. We’ve seen this play out in public: investigations and lawsuits involving Blue Shield of California and Novant Health showed how ordinary tracking technologies can expose Protected Health Information (PHI) at scale.