Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

UpGuard

From NIS to NIS2: What Your Organization Needs to Know

The first Network and Information Systems (NIS) Directive, introduced in 2016, was a key regulation that enhanced the EU’s cybersecurity posture, laying the foundation for protecting critical infrastructure and essential services from cyber threats. However, as cyber threats have evolved, so too must the regulations that protect against them. Enter NIS2—an updated and more comprehensive directive designed to address the gaps and limitations of its predecessor.

How to Prepare for a Cyber Essentials Plus Audit

Cyber Essentials is a UK government-supported certification scheme that helps organizations protect themselves against cyber threats by providing a framework of basic security controls for safeguarding systems. Cyber Essentials Plus builds on this foundation by requiring a more in-depth, hands-on assessment by an independent auditor. This audit not only verifies that essential cybersecurity controls are in place but also ensures they are functioning effectively in practice.

PSPF 001-2024: Safeguarding GovTech from Foreign Influence

In 2024, the Australian government introduced PSPF Direction 001-2024 in recognition of the potential threats posed by Foreign Ownership, Control, or Influence (FOCI) on technology assets and GovTech (government technology operations). As part of the Protective Security Policy Framework (PSPF), PSPF 001-2024 is a crucial step in evaluating and mitigating cyber risks associated with foreign interference in the procurement and maintenance of technology assets.

GDPR's Influence on Indian Data Protection Practices

The General Data Protection Regulation (GDPR), introduced by the European Union in 2018, has not only set a new benchmark for data privacy but has also significantly impacted global data protection frameworks. Its comprehensive and stringent requirements have prompted countries worldwide, such as India, to reevaluate and enhance their data protection laws. In recent years, India has been actively working on enhancing its data protection regulations, drawing considerable influence from the GDPR.

Effective Board Communication: Lessons from CrowdStrike for CISOs

The 2024 CrowdStrike Incident blue-screened Microsoft computers worldwide, causing significant disruptions to high-profile industries such as transportation, healthcare, and financial services. Now that the world has largely recovered, the most forward-minded chief information security officers (CISOs) are focusing on using the incident as an opportunity for continuous improvement. How can they prevent similar incidents from having such a disastrous impact on their organization in the future?

NCIIPC Explained: Safeguarding India's Critical Infrastructure

Safeguarding critical infrastructure is crucial for national security and economic stability in the digital age. The National Critical Information Infrastructure Protection Centre (NCIIPC) plays a key role in protecting India's vital assets and critical infrastructure. Tasked with the monumental duty of protecting the nation's most vital assets—such as power grids and financial systems—the NCIIPC stands as a stronghold against the constantly evolving landscape of cyber threats.