Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A Software Bill of Materials (SBOM) is a detailed, machine-readable, nested list of all of the third-party components and their dependencies that compose a modern software product. SBOMs have particular importance in the health, finance, critical infrastructure, and military sectors, and in mergers and acquisitions, but all industries and applications can benefit from them. SBOMs have been around for over a decade but they’ve gained serious traction in the wake of the SolarWinds breach.

Businesses of all sizes are increasingly reliant on technology to conduct their operations efficiently. While technology offers numerous benefits, it also exposes organizations to a growing threat—cyber attacks (or cyberattacks). As the frequency and sophistication of cyber threats continue to rise, businesses are turning to a crucial safeguard: cyber attack insurance.

Secure your digital landscape and maintain compliance with regulations by embracing an Identity Access Management (IAM) system. In this guide, you will learn the significance of IAM, its key components as well as how to implement it in your organisation and manage access to identity management solutions more effectively – securing sensitive data from unauthorised personnel so that employees can easily gain access to all necessary tools for their job roles.

With today’s dynamic cybersecurity threat landscape, governance, risk management, and compliance (GRC) can’t afford to be stuck lagging and playing catch-up. It needs to be leading the pack, ensuring organizations are compliant, protected, communicative, and driving business success.

MGM Resorts has announced that it will be shutting down 12 of its hotels and casinos in and around Las Vegas. The reason—a ransomware attack of unknown magnitude on servers containing a goldmine of customer data. MGM reports that it managed to detect the breach at a fairly early stage and notify the authorities and law enforcement, but the damage incurred is yet to be evaluated.

Earlier this summer, the internet was taken by storm by three critical vulnerabilities affecting MOVEit Transfer, a file-transferring software solution widely used by high-profile companies to store and share, in some cases, even the most sensitive business information.

The way we do business continues to evolve, and with that, the requirements to remain compliant continue to evolve as well. PCI-DSS is no exception — as of March 2024, PCI-DSS 4.0 will introduce some significant changes. These differences are largely minor but could be very impactful for organizations depending on how they previously approached PCI-DSS 3.2.1.

In August, NIST released the final draft of the highly anticipated update to its Cybersecurity Framework (CSF). The final draft is likely very close to what the final version will be when NIST releases it in early 2024. Therefore, it’s worth becoming familiar with the draft and beginning to plan how to use the NIST CSF 2.0 as a tool to strengthen your own cybersecurity posture.

The push for data privacy has exploded in recent years, with regulations such as the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) leading the charge. This means consumers around the globe are gaining rights regarding how their data is collected, stored, processed and sold, as well as more ways to hold companies accountable when poor data security practices lead to data breaches involving personally identifiable information (PII).

The world of software development has witnessed a significant transformation thanks to low-code/no-code development platforms like Microsoft Power Platform, Salesforce, and ServiceNow. These platforms have empowered developers and business users of all technical backgrounds to create applications, automations, bots, connections (and more), rapidly and with greater accessibility.