Generative AI has exploded in popularity across many industries. While this technology has many benefits, it also raises some unique cybersecurity concerns. Securing AI must be a top priority for organizations as they rush to implement these tools. The use of generative AI in manufacturing poses particular challenges. Over one-third of manufacturers plan to invest in this technology, making it the industry's fourth most common strategic business change.

Security configurations are an often ignored but essential factor in any organization’s security posture: any tool, program, or solution can be vulnerable to cyberattacks or other security incidents if the settings are not configured correctly. Staying on top of all of these security configurations can be a daunting responsibility for security or IT teams to focus on, which is where security configuration management (SCM) comes in.

In the first quarter of every year, organizations around the world release reports summing up data breach trends from the previous twelve months. And every year, these reports say broadly the same thing: data breach numbers have gone up again. This year is no different. Or is it?

The number of endpoints in an organization often exceeds the number of employees. Managing these often disparate entities is more than a full-time job. Moreover, keeping them secure is equally difficult, yet securing all of your endpoints against cyber threats has become paramount for organizations worldwide. A common oversight that undermines these security efforts is the misconception about data volume versus the necessity for comprehensive data collection.

A relatively new strain of ransomware called DragonForce has making the headlines after a series of high-profile attacks. Like many other ransomware groups, DragonForce attempts to extort money from its victims in two ways - locking companies out of their computers and data through encryption, and exfiltrating data from compromised systems with the threat of releasing it to others via the dark web.

Let’s start the second quarter of the year with boosting our security posture by adopting two-factor authentication methods on our accounts to make them more secure. Two-factor authentication (2FA) is an identity and access management security method that requires two forms of identification to access resources and data.

In an era where data breaches and privacy concerns are increasingly shaping global discourse, India's proactive stance on data protection is noteworthy. Introducing the Digital Personal Data Protection (DPDP) Act 2023 marks a significant milestone in India's legislative landscape. This groundbreaking Act fortifies individual data privacy rights and aligns India with global cybersecurity and data protection standards, setting a new benchmark for regulatory compliance.

In today's digital landscape, it is important for organizations to depend upon the tools they use for cybersecurity. Large businesses can employ many security solutions, practices, and policies that must combine to create a robust and layered security strategy. While many of these tools are important and necessary, organizations often don't use them to their full potential. With any security tool or platform, it is important to understand its features beyond the most basic functions.

Security and compliance – a phrase often uttered in the same breath as if they are two sides of the same coin, two members of the same team, or two great tastes that go great together. As much as I would like to see auditors, developers, and security analysts living in harmony like a delicious Reese’s cup, a recent gap analysis that I was part of reminded me that too often, the peanut butter and chocolate sit alone on their own separate shelves.

Google has issued a security advisory to owners of its Android Pixel smartphones, warning that it has discovered someone has been targeting some devices to bypass their built-in security. What makes the reported attacks particularly interesting is that traditional cybercriminals may not be behind them, but rather "forensic companies" exploiting two vulnerabilities to extract information and prevent remote wiping.