Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI-powered solutions are becoming increasingly prevalent in enterprise environments, leading to a new trend in procurement: the need for comprehensive AI governance frameworks. This shift reflects a growing awareness of AI-specific risks and the need for more granular controls. As the founder of Nightfall AI, a startup building AI models for data security, I've navigated hundreds of procurement cycles and observed a rise in AI-specific requirements.

Despite significant investments in cybersecurity tools like Identity and Access Management (IAM), Security Information and Event Management (SIEM), and Data Loss Prevention (DLP), insider risks continue to grow. Why? These tools primarily focus on actions, logs, and event recognition rather than taking a deep, sophisticated approach to understanding human behavior over time. Insider threats—whether from negligence, malicious intent, or compromised users—are notoriously difficult to detect.

In the world of security, every second counts. A shorter mean time to detect (MTTD) translates to less damage, increased customer trust, and a greater likelihood of securing cybersecurity support. An important factor in achieving this rapid response is the power of an intuitive and user-friendly interface.

The speed at which vulnerabilities are detected and addressed can drastically impact an organization’s likelihood of suffering a security incident. Recently, Bitsight demonstrated how its investments in product fingerprinting and CVE mapping allowed it to identify and surface assets potentially impacted by a set of critical vulnerabilities in the CUPS printing system in under 24 hours.

In 2024, you should avoid several Facebook Marketplace scams, including those related to mobile payments, gift cards, stolen items and rental properties. Facebook Marketplace is part of Facebook and it allows you to buy or sell items from local individuals or small businesses. Since some Facebook Marketplace transactions occur online, there are various ways you could fall victim to these types of scams.

You can ensure data integrity in your organization by enabling data encryption, investing in a password manager, regularly backing up your data and implementing strict access controls. Data integrity ensures that your data is accurate and complete, meaning it hasn’t been changed, removed or stolen by an unauthorized user. Continue reading to learn why data integrity is important and how your organization can ensure your data is accurate, complete and consistent.

Is my organization’s disaster recovery strategy ready for today’s uncertain cyber landscape? Your company has determined the recovery point objectives (RPOs) and recovery time objectives (RTOs) for all systems. You have also implemented solutions to achieve these goals. Your organization routinely performs successful Disaster Recovery (DR) tests meeting your established expectations and objectives.

The OWASP Top Ten lists have been the cornerstone for application security best practices for over two decades. The 2019 list was the first edition of the OWASP API Security Top 10. The latest, OWASP API Security Top 10 2023, gives our security and engineering teams a glimpse of attack vectors that are becoming more common. With that in mind, it also helps our security teams to ensure that they have adequate coverage for security testing.

October 1 marks the start of Cybersecurity Awareness Month and traditionally Trustwave has discussed the general security concepts highlighted by the Cybersecurity and Infrastructure Security Agency (CISA), and National Cybersecurity Alliance (NCSA). However, this year Trustwave will take a slightly different approach. In the same vein that one can never have too much cowbell, Trustwave believes there is no such thing as too many security tips.

Ralph Waldo Emerson, the renowned American writer, lecturer and philosopher, is often credited with the phrase “It’s not the destination, it’s the journey.” Legal, Compliance, Risk and Security professionals would be wise to consider Emerson’s wise words and philosophy. The path to optimal compliance outcomes and practices is long and full of twists and turns – with new and increasingly complex rules, regulations and legal regimes.