On October 3, 2022 the Cybersecurity and Infrastructure Security Agency (CISA) issued Binding Operational Directive 23-01 – Improving Asset Visibility and Vulnerability Detection on Federal Networks, a compulsory order intended to “make measurable progress toward enhancing visibility into agency assets and associated vulnerabilities.” BOD 23-01 mandates that Federal Civilian Executive Branch (FEEB) agencies complete a series of required actions within six months, or by April 3, 2023.
Effectively managing the many open source licenses used in enterprise software is a complex task that requires a thorough evaluation of key features in software license management tools. After that, you need to implement the technology using several best practices. In this blog post, let’s take a brief look at both.
A regulation is a government-enforced set of security guidelines an organization must follow to increase its cybersecurity standards. A cybersecurity framework, on the other hand, is a set of guides helping organizations improve their security posture.
The owner of a Russian penetration-testing company has been found guilty of being part of an elaborate scheme that netted $90 million after stealing SEC earning reports. For nearly three years, 42-year-old Vladislav Klyushin - the owner of Moscow-based cybersecurity firm M-13 - and his co-conspirators had hacked into two US-based filing agents used by publicly-traded American companies to file earning reports to the Securities and Exchange Commission.
Everyone knows what phishing is. It has been around for more than two decades. Now it seems that phishing is more accessible than before. This blog covers how malicious actors can benefit from the rise of subscription models of phishing, or “Phishing as a Service.”
If you work in a financial organization that operates in the US, you’ll have heard the phrases Nacha and ACH. Together, these entities affect many of the transactions you’re responsible for — and dictate how, why, and when your business accesses sensitive data. But, what exactly are they? And, what’s the difference between the two? Read on to find out.
Only those hiding from the news, prospects, and customers can miss the data security and privacy challenges that are occurring. More businesses are relying on data analytics (garnered from data collection) for more and improved service and product offerings. More individuals want data privacy and security. More nations want their citizens protected from corporate tactics that rely on mining and scraping personal data. More customers want tailored experiences that only come through data analytics.
