Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In 2022 alone, there was a staggering 70% increase in malicious events across all public clouds. And cybercriminals are specifically targeting one of the most critical assets of any organization - its data. According to an 2023 IBM report, 82% of breaches involved data stored in the cloud. So this begs the question, which tools do defenders have at their disposal to address these mounting threats?

To kick off season 5 of the Future of Security Operations podcast, I’m joined by Mandy Andress. Mandy is the Chief Information Security Officer at Elastic, a leading platform for search-powered solutions, and has more than 25 years of experience in information risk management and security. Before Elastic, Mandy led the information security function at MassMutual and established and built information security programs at TiVo, Evant, and Privada.

In a testament to the power of global collaboration, Device Authority recently witnessed the convergence of its US and UK teams in two distinct yet complementary gatherings. Amy Chu, VP Customer Success, chronicles the enriching experiences of the US team’s face-to-face summit, while Darren Cubbage, Engineering Manager, provides insights into the unity and inspiration emanating from the 2024 UK Company Get-Together.

Just as the heart keeps the body going, unseen and often not thought about unless something goes wrong, so do proxies serve as the hidden engines that power the bustling world of online retail. They are the invisible assistants that work hard to ensure the storefront—that shiny website filled with enticing products—remains the focus of our shopping experience.

The Payment Card Industry Data Security Standard (PCI DSS) was published over 15 years ago and in that time has undergone a series of revisions as technology, the threat landscape and information security best practices have changed.

The Department of Defense (DoD) has embraced the Zero Trust Architecture to enhance its resilience against evolving threats. ThreatQ emerges as a strategic ally, aligning seamlessly with the Zero Trust principles. This blog sheds light on the pivotal role of ThreatQuotient in fortifying threat detection, investigation, and response while minimizing redundancy and noise.

Imagine a site engineer visiting a construction site to inspect the progress of the project. Using his mobile device, the engineer captures images of specific areas that require attention, noting aspects like structural details, design modification, or areas that need immediate review and action. The engineer uploads the images into the project folder on Egnyte and shares it with the architect for quick feedback on the changes to be made.

Compliance in healthcare is a critical component to preserving the sanctity of modern society. Compliance in any industry ensures adherence to a minimum set of requirements to ensure quality of service; while undoubtedly important everywhere, it’s more so in healthcare due to its direct impact on human lives. For example, while financial compliance secures the safety of our funds, healthcare compliance ensures the safety of our personal selves.

While the rise of ChatGPT and other AI chatbots has been hailed as a business game-changer, it is increasingly being seen as a critical security issue. Previously, we outlined the challenges created by ChatGPT and other forms of AI. In this blog post, we look at the growing threat from AI-associated cyber-attacks and discuss new guidance from the National Institute of Standards and Technology (NIST).

As cybercriminals leverage tools like generative AI, making attacks easier to execute and with a higher degree of success, phishing attacks continues to increase in frequency. I’ve been covering the cybercrime economy’s use of AI since it started. I’ve pointed out the simple misuse of ChatGPT when it launched, the creation of AI-based cybercrime platforms like FraudGPT, and how today’s cybercriminal can basically create foolproof malicious content.