Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In November 2023, Sumo Logic experienced a security incident. While no one wants to be a victim of a cyberattack, and we certainly learned a lot about things that we can do better in the future, our team was lauded by customers and media alike for how we handled the situation underscoring the importance of a good incident response plan. One of the core values at Sumo Logic is that we’re in it with our customers. But more broadly speaking, we’re in it with the InfoSec community.

Leaders and agents running enterprise help desks today are in a very tough spot. They are tasked with resolving a dramatically increased volume of tickets, yet lack the visibility and tools needed to do so. Overwhelmed and often unable to do their jobs effectively, help desk professionals inevitably fall back on guidelines and rules of thumb that are simplistic and don’t reflect the complexity of a hybrid, digital workforce. Time is then wasted trying remedies that don’t produce results.

You know us: Every month we’re cooking up something new! Here are the updates that hit TrustCloud this month. TrustShare GraphAI will answer questionnaires for you with accurate, high-quality responses. TrustShare is getting a huge AI glow up. GraphAI’s generative AI capabilities will now fill in answers that are more context aware, more natural, and more accurate than ever before.

While AI has created exciting new opportunities for business, it has created urgent questions around ethics, responsible use, development, and management. AI also introduces a new, and often nebulous, element of organizational risk. With the introduction of two frameworks, ISO 42001 and NIST AI RMF, companies can now implement, demonstrate, track, and build their responsibility and trust around AI. TrustCloud is very pleased to announce that we support both ISO 42001 and NIST AI RMF.

Email is a well-known and widely used attack vector for malware distribution, phishing, and many other types of threats. For this reason, we evaluate certain email security practices as part of the Diligence category of risk vectors used to calculate Bitsight Security Ratings. On April 30, 2024, we added a new email security evaluation focused on the use of Domain-based Message Authentication, Reporting, and Conformance (DMARC) records.

Risk. It’s more than just an infuriating board game from your childhood. And when identity risk is involved in your cybersecurity landscape – and it will be involved, since identity is one of the most easily accessible and most frequently attacked facets of your IT environment – the potential consequences of its compromise extend well beyond losing control of a fantasy continent on a game board.

If the UK is serious about digitizing the economy, then cybersecurity is priority number one and the first step should be to take a hard look at the UK Government's recently released draft code of practice for cybersecurity governance. Whilst governments around the globe have been kicking around the metaphorical can of AI regulation, something has been going on in the background: something tangible, incredibly dangerous, and increasingly more frequent: cybercrime.

The industry’s first identity detection and response (ITDR) analyst report names CrowdStrike an Overall Leader and a “cyber industry force.” In KuppingerCole Leadership Compass, Identity Threat Detection and Response (ITDR) 2024: IAM Meets the SOC, CrowdStrike was named a Leader in every category — Product, Innovation, Market and Overall Ranking — and positioned the highest for Innovation among all eight vendors evaluated.

As adversaries become faster and stealthier, they relentlessly search for vulnerable assets to exploit. Meanwhile, your digital footprint is expanding, making it increasingly challenging to keep track of all of your assets. It’s no wonder 76% of breaches in 2023 were due to unknown and unmanaged internet-facing assets. Against this backdrop, it’s more critical than ever for organizations to maintain a continuous and comprehensive understanding of their entire attack surface.

Change in the cybersecurity industry is inevitable, and 2024 brings upheaval in the form of geopolitical tensions, rigorous compliance requirements, and of course, the rapid acceleration of generative AI.