In the age of digital-first businesses, every other software solution either uses an API (Application Programming Interface) or makes one. They enable various applications and services to work together, enabling businesses to improve features, streamline user experience, and provide new exciting offerings. Unfortunately, the more APIs we collect and interact with, the more security challenges increase.

‍ ‍ ‍One of the most simultaneously exciting and challenging aspects of working in the cybersecurity industry is that the risk landscape and management practices never stop evolving. Additional data is continuously being gathered, and new frameworks are constantly developed to help organizations better assess, measure, and secure themselves against threat actors poised to exploit system weaknesses.

Artificial Intelligence (AI) and Large Language Models (LLM) have revolutionized numerous industries, from healthcare to finance. However, with this rapid adoption comes new risks, one of which is prompt injection. This emerging threat has significant implications for the security, ethics, and reliability of AI systems.

The world has evolved and the on-going momentum of Cloud and Work-From-Anywhere (WFA) has become unstoppable. CISOs have realized their traditional security architectures, specifically VPNs, are no longer adequate to ensure only authorized users have access to critical resources. This has made the role of CISO ever more important because we now have applications everywhere and people everywhere, leading to increased cyber threats everywhere.

Hilton Hotels was formally opened in 1925 in Dallas, Texas. It is a hospitality company with at least 7,629 properties across 126 countries and territories, including the United States. The business manages, owns, or franchises about 23 brands, including Hilton Garden Inn, Waldorf Astoria, Hilton Hotels and Resorts, Homewood Suites, and Conrad Hotels. Hilton Hotels has over 173 million Hilton Honors members.

The National Institute of Standards and Technology’s widely used Cybersecurity Framework (NIST CSF) provides organizations with a common language that allows staff at all levels—and at all points in a supply chain—to develop a shared understanding of their cybersecurity capability.

WannaCry, Log4j, Follina, Spring4Shell — these incidents send shivers down the spines of anybody who works in IT or security. Zero-day vulnerabilities are unknown or unaddressed exploitable software or hardware security flaws that are typically unknown to the vendor and for which no patch or other fix is yet available.

The first rule of sharing your passwords online club is, you must not share your passwords online. Unfortunately, this is not always possible, as teams and departments need ways to access different platforms, websites, or accounts to run smoothly. If you or your team find yourselves in a situation where sharing passwords online can’t be avoided, there are security measures you can take to prevent your password from falling into the wrong hands.

Microsoft Sentinel customers, get ready to streamline your security monitoring and investigation workflows with the official 1Password integration for Microsoft Sentinel.

As the cloud becomes increasingly integral to modern businesses, cloud data protection (CDP) gains importance. From safeguarding against data loss due to accidental deletion or system failures to protecting against cyber threats like ransomware, CDP is the foundation of a resilient cloud strategy. The cloud brings its own set of challenges, from the dynamic nature of containerized workloads to the complexity of multi-cloud environments.

What you’re doing isn’t working. Despite best efforts, the scale of cybersecurity data is outpacing the ability of security information and event management (SIEM) solutions to identify and stay ahead of digital threats. Incremental improvements can’t keep pace with the scale of data contained in cloud solutions and the scope of data created by new tools, like generative AI. The result? It’s time for transformation—and time for SIEM to act like a security data platform.