Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Telemedicine has revolutionized healthcare delivery, enabling patients to access medical consultations from the comfort of their homes. However, this shift to virtual care necessitates strict adherence to the Health Insurance Portability and Accountability Act (HIPAA) to ensure the protection of patient privacy and the security of electronic health information.

Security breaches occur in 86% of cases because of unauthorized privileged credential access, while the PAM market reached $4 billion in 2025 because of rising identity-based threats which include ransomware and cloud sprawl. Organizations need to address their hybrid system problems and AI-based cyber threats during 2026 because their existing password storage systems fail to fulfill their requirements.

Enterprise security programs were built for a time when data lived in a small number of predictable locations. That model no longer holds. Today, data is constantly created, copied, transformed, and shared across cloud applications, endpoints, on-prem systems, and generative AI tools, often without clear visibility. Protecting data in the AI era requires three pillars: holistic visibility across the full data lifecycle, a deep understanding of data with context (e.g.

Cloud environments power modern business, but they also attract sophisticated malware. Attackers target cloud storage, virtual machines, and APIs to hide malicious code and steal sensitive data. This guide explains cloud malware analysis in clear terms. It covers key techniques and real examples to help security teams spot and stop these threats.

Consider a common scenario: Your organization has allocated millions toward firewalls, endpoint protection, and advanced threat detection systems. Your security operations team maintains continuous monitoring through sophisticated dashboards. Yet, despite these comprehensive defenses, an attacker can gain unauthorized access using nothing more than compromised credentials and a hijacked service account. This is where identity and access management metrics play a key role.

GitGuardian expands NHI Governance with integrations across cloud IAM, secrets managers, and SaaS platforms for complete machine identity control.

In today’s AI rush, I’ve seen even the most disciplined organizations find it almost impossible to apply the hard-won lessons of DevOps and DevSecOps onto AI adoption. These organizations often feel forced to choose between moving fast and staying in control. As a result, they develop a “wait and see” approach to AI usage and implementation, and it’s creating a new, more dangerous form of technical debt. I call it the AI Blind Spot Debt.

Compliance with data sovereignty regulations in New Zealand can be complex to navigate, especially for organisations operating hybrid or cloud deployments. Managed service providers (MSPs) and small and medium enterprises (SMEs) in New Zealand that want to take advantage of the benefits of the cloud must make sure they’re in compliance with regulations.

One of the most insidious security risks isn't a sophisticated attack, it's the endpoint that stops reporting. A sensor that appears enrolled but hasn't sent telemetry in hours or days represents a critical blind spot. Whether due to network issues, system shutdown, agent crash, or intentional tampering, these silent sensors deserve immediate attention.

Kubernetes applications often rely on Persistent Volume Claims (PVCs) to store critical data, from databases to user uploads. Losing this data due to cluster failures or accidents can be catastrophic for DevOps teams. In this post, we’ll walk through how to safeguard your Kubernetes PVCs using CloudCasa, a backup-as-a-service platform.