Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Featured Post
cycognito

What Security Teams Need to Know About the EU's NIS 2 Directive

Oct 24, 2024 By Graham Rance, VP Global Pre-Sales In CyCognito
The deadline to get compliant with the EU's NIS 2 Directive is here. And this isn't just a minor update from its NIS 1 predecessor-it's a major expansion that carries with it new challenges and obligations. The directive now covers a whopping 300,000 organizations, up from just 20,000 under NIS 1. Sectors like aerospace, public administration, digital services, postal and courier services, and food production are now included. Organizations are classified into "essential" or "important" entities based on size and criticality to the economy.
Read Post
Featured Post
bluevoyant

The Role of Cyber Security in Building Supply Chain Resilience and Efficiency

Oct 16, 2024 By Lorri Janssen-Anessi, Director of External Cyber Assessments In BlueVoyant
The COVID-19 pandemic exposed significant vulnerabilities in global supply chains. With technology companies scrambling to respond to unprecedented disruptions, it became clear that traditional supply chain models were no longer sufficient. When we look back on the supply chain crisis before and during the pandemic, it is easy to identify the areas of improvement because we now have so much more information and the benefit of hindsight, but during the crisis, it was extremely challenging to find immediate ad-hoc solutions, which clearly illuminated a lack of contingency planning.
Read Post
secude

Securing CAD files along the supply chain with HaloCAD

Oct 15, 2024 By Secude In SECUDE
Nowadays, the digital supply chain is both essential and vulnerable. According to Pinsent Masons annual cyber report, supply chain breaches were the most common form of cyber incident in 2023 occuring in one third of cases (up from 5% in 2022). Meanwhile, Gartner predicts that almost half (45%) of global organizations will suffer a digital supply chain attack by 2025. Nowadays, the digital supply chain is both essential and vulnerable.
Read Post
SecurityScorecard

What is Supply Chain Detection and Response?

Oct 7, 2024 By SecurityScorecard In SecurityScorecard
Supply chain detection and response (SCDR) is a solution for supply chain incident responders that drives critical issue identification, vendor responsiveness, and time to incident resolution. SCDR solutions provide risk intelligence, AI-driven workflows, and collaboration capabilities to improve the security posture of your organization and your suppliers.
Read Post
Snyk

The mysterious supply chain concern of string-width-cjs npm package

Oct 3, 2024 By Liran Tal In Snyk
This story starts when Sébastien Lorber, maintainer of Docusaurus, the React-based open-source documentation project, notices a Pull Request change to the package manifest. Here’s the change proposed to the popular cliui npm package: Specifically, drawing our attention to the npm dependencies change that use an unfamiliar syntax: Most developers would expect to see a semver version range in the value of a package or perhaps a Git or file-based URL.
Read Post
ciso global

A Treacherous Dinner Party: The Global Effort to Maintain Supply Chain Security

Sep 26, 2024 By Various Security Experts at CISO Global In CISO Global
…In the world of supply chain security, vigilance is your best friend. Stay informed, stay alert, and always prioritize security in your decisions. After all, in this interconnected digital world, we’re all in this together.
Read Post
jfrog

Trusted Software Delivered!

Sep 20, 2024 By Shlomi Ben Haim In JFrog
At swampUP 2024 in Austin just a few days ago, we explored the EveryOps Matters approach with the crowd of developers, driven by a consolidated view from their companies’ boardrooms and 2024 CIO surveys. The message was clear: “EveryOps” isn’t just a strategy or tech trend — it’s a fundamental, ongoing mindset shift that must drive developers’ proactive actions in an ever-evolving software landscape. It’s not optional; it’s essential.
Read Post
bitsight

From Theory to Practice: How Portugal's Cybersecurity Centre Is Tackling NIS2 Compliance

Sep 19, 2024 By Francisco Fonseca In BitSight
In their capacity as a regulator, the Portuguese National Cybersecurity Centre (CNCS) is at the forefront of adapting to NIS2 requirements and ensuring that entities under their purview are compliant. They provide strategic oversight and support for organisations navigating the complexities of the new directive, which introduces stricter standards for risk management, incident response, and supply chain security.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.