Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Data governance and protection are crucial in safeguarding sensitive information. Proper classification and data labeling are essential to ensure that the right people access the right information. Failure to implement these practices can result in data breaches, financial losses, and reputational harm. To help with this, Microsoft offers sensitivity labels that classify and protect data as part of the compliance and security capabilities of Microsoft Purview Information Protection in Microsoft 365.

Starting November 10, Phase 1 of the US Department of Defense’s CMMC 2.0 program went into effect, marking the start of a phased three-year rollout. Phase 1 begins with Level 1 and 2 self-assessments and culminates with the full implementation of program requirements in Phase 4. Organizations that fail to demonstrate compliance will not be eligible to bid on U.S. Defense contracts.

Earlier this week, The Australian broke the news that the Cyber Touhan hacking group stole classified plans for Australia’s new infantry fighting vehicles, a $7B AUD procurement program, in a massive cyber-attack targeting 17 Israeli defence contractors in the supply chain. The attack was carried out by targeting a downstream supplier, MAYA Technologies, exploiting vulnerabilities in their network and peripherals to gain access to sensitive data.