Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Riscosity

DPDP, India's Privacy Law

India's Digital Personal Data Protection (DPDP) law, enacted in 2023, represents a pivotal step in safeguarding personal data privacy while fostering accountability among entities handling such data. As businesses grapple with its requirements, understanding its core mandates, applicability, timeline, and implications is critical for compliance and operational efficiency.

LLMs - The what, why and how

LLMs are based on neural network architectures, with transformers being the dominant framework. Introduced in 2017, transformers use mechanisms called attention mechanisms to understand the relationships between words or tokens in text, making them highly effective at understanding and generating coherent language. Practical Example: GPT (Generative Pre-trained Transformer) models like GPT-4 are structured with billions of parameters that determine how the model processes and generates language.

Riscosity and Microsoft Azure: A Powerful Partnership for Data Security

This collaboration is a significant step forward in making robust data security accessible to all organizations. By leveraging the Azure Marketplace, we're empowering Azure customers to easily discover, deploy, and integrate Riscosity into their existing infrastructure. This seamless integration allows for a streamlined experience and faster time to value.

Challenges with Data Security Posture Management (DSPM)

While Data Security Posture Management (DSPM) is a powerful approach for discovering, monitoring, and managing sensitive data across complex systems, it is not without its challenges. These hurdles often stem from the complexity of modern data environments, evolving threats, and operational constraints. Below are the primary challenges associated with DSPM.

Barak Engel Lightning Interview

Welcome to the third installment of Riscosity’s Lightning Interview Series In this episode, we sit down with Barak Engel, founder and CEO at EAmmune, and CISO at MuleSoft, Amplitude, StubHub, BetterUp, and Faire among others. Barak is also the author of Why CISOs Fail, The Security Hippie, and The Crack in the Crystal. Ever wonder how you pentest a novel? Tune in to find out.

Mike Machado Lightning Interview

Welcome to the second installment of Riscosity’s Lightning Interview Series In this episode, we sit down with Michael Machado, a security industry veteran and former CISO at public and pre-IPO companies including RingCentral, Shippo, and BeyondTrust. Ever wonder the best strategy for gaining meaningful budget increases as a CISO? Tune in to find out.

GDPR and CPRA: A Unified Call for Data Transparency and Accountability

The General Data Protection Regulation (GDPR) of the European Union and the California Privacy Rights Act (CPRA) represent landmark regulations designed to protect consumer data privacy. While GDPR became enforceable in May 2018, CPRA came into effect in January 2023, building on its predecessor, the California Consumer Privacy Act (CCPA). Both laws aim to empower individuals with greater control over their personal data while imposing rigorous obligations on businesses.

Privacy Engineering is Dead

In an era where data breaches, privacy violations, and regulatory fines dominate headlines, the need for robust privacy engineering has never been more critical. Yet, despite its growing prominence, privacy engineering is failing to meet the demands of businesses and consumers alike. To understand why, let’s explore what privacy engineering is, the challenges it faces, why its current state is insufficient, and the transformative shift needed to make it truly effective.

Securing Identities in Business Data Flows

In today’s business ecosystem, data exchanges are critical for operations. From APIs to FTP connections, Electronic Data Interchange (EDI), and Virtual Desktop Infrastructure (VDI), data transfers happen continually, each using specific protocols and requiring authentication to ensure security and confidentiality. These interactions rely on a vast array of identities, keys, and credentials that need consistent management and periodic rotation to maintain security.