Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Over the past few weeks, the topic of tariffs has dominated headlines internationally. These trade measures have triggered global economic volatility, with the European Union (EU) pausing its retaliatory tariffs to allow room for negotiation. While the immediate focus is on economic ramifications, it's crucial to recognize the less visible, yet significant, impact these tariffs can have on cybersecurity infrastructures, especially in the realm of API security.

MCP, short for Message Communication Protocol, refers to a category of protocols used for exchanging structured messages between systems or applications. It was developed primarily to meet the communication needs of early enterprise systems that required: MCP protocols are often seen in banking, insurance, healthcare, and telecom industries—sectors where many systems were developed before APIs became mainstream.

The rapid adoption of generative AI (GenAI) in the enterprise is introducing a new category of unmanaged risk known as shadow AI. Organizations frequently lack insight into which employees are using GenAI tools and how they are being accessed, resulting in visibility limitations, policy enforcement challenges, and increased risk of data exposure. Security teams face potential data leaks and compliance violations, while IT teams struggle to integrate GenAI usage into existing governance models.

The number of connected devices will reach over 17 billion worldwide in 2024. This is a big deal as it means that all previous connectivity records. The statistics paint a worrying picture – 22% of organizations dealt with serious IoT security incidents last year. The security landscape looks even more concerning. The average organization’s devices remain completely unsecured – about 30% of them. IoT devices face significant threats, with malware affecting 49% of them.

In today’s rapidly changing digital environment, APIs play a crucial role in modern business, facilitating smooth connectivity and data sharing. Yet, this interconnected nature brings significant security and privacy risks, as evidenced by the Federal Trade Commission's (FTC) recent settlement with GoDaddy. This settlement serves as a stark reminder that strong API security is no longer just a good security practice but is now a legal obligation.

The rapid rise of AI-powered applications brings innovation, but also security blind spots. As AI systems become integral to our daily lives, their security must keep pace with their capabilities. This is the focus of our AI Security Testing Series, where we analyze popular AI applications for vulnerabilities that could put users at risk. In our last analysis, we tested Deepseek’s Android app and uncovered critical security flaws.

CrowdStrike Falcon Cloud Security now delivers real-time detections for AWS IAM Identity Center, helping organizations detect and respond to identity-driven cloud threats before they escalate. A few months ago, we released CrowdStrike Falcon Identity Protection support for AWS IAM Identity Center to help organizations detect and stop identity-based attacks before they could reach the cloud control plane.