Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As cyber threats continue to evolve, addressing cybersecurity challenges is more urgent than ever. Traditional passwords, long considered foundational to digital security, are increasingly vulnerable to sophisticated attacks like phishing and credential stuffing. With cybercriminals becoming more adept, businesses need more secure and reliable authentication methods. Enter passkeys – an innovative step forward in authentication technology.

When deciding between an on-premises or cloud-based Privileged Access Management (PAM) solution, a cloud-based PAM solution is recommended because it is easier to manage, highly scalable and cost-effective. Continue reading to learn more about the differences between on-prem and cloud PAM, the pros and cons of each and the important factors to consider when choosing the right solution for your organization.

As of the end of last year, DoD contractors have to start paying attention to CMMC, as the Final Rule for CMMC 2.0 is now in force. While the timelines for full CMMC 2.0 compliance have just started, the full compliance process will inevitably take time. There will be mistakes, gaps, and missed items along the way. The accepted way to handle these gaps is through the use of POA&Ms. What are POA&Ms, how do you use them, and what do you need to know for 2025 and beyond?

AI systems are quickly becoming critical elements of business technology. Imagine building an AI agent trained using your internal documents and guides to quickly improve customer experience, process loan applications, or provide tier 1 support to your customers. The potential is tremendous—but what happens if your models are trained using your own intellectual property like software code, customer data, or other sensitive information?

In the past year alone, the number of artificial intelligence (AI) packages running in workloads grew by almost 500%. Which is to say: AI is everywhere, and it’s settling in for the long haul. Naturally, as helpful as they are, these AI workloads come with security challenges, including data exposure, adversarial attacks, and model manipulation. So as AI adoption accelerates, security leaders must build an AI workload security program to protect their organizations while enabling innovation.

SQL Server is more than just a database—it's a powerful platform that can be leveraged by attackers for system access, persistence, and code execution. While organizations focus on protecting their valuable data, they often overlook the inherent capabilities within SQL Server that make it an attractive target for adversaries looking to establish footholds in Microsoft environments.

Kubernetes powers modern application deployments, yet safeguarding its secrets remains a formidable challenge. In a 2024 report, IBM estimated that 16% of data breaches stemmed from compromised credentials, resulting in significant financial losses. The recent attack involving a stolen API key at the U.S. Treasury Department highlights the vulnerability of even well-protected systems.

Supporting Japan FinTech Week has become a Fireblocks tradition. This March, we, as many in the ecosystem, chose to re-contextualize planned contributions and engagements as the week-long Tokyo event was the first significant global gathering of both regulators and industry after the Bybit hack.

The EU AI Act is one of the world’s first comprehensive regulations aimed at AI-based systems. While we had voluntary standards like ISO 42001, the Act introduced mandatory requirements that in-scope organizations must meet to avoid considerable fines and operational disruptions. ‍ If you develop, use, or distribute AI systems, you may have to meet the obligations prescribed by this directive. Our EU AI Act summary will help you do so by covering: ‍

Every year, companies reevaluate their budgets, making tough calls on where to invest for the most impact. In many organizations, cybersecurity spending is often seen as a cost center. However, without adequate security investments, companies put themselves at greater risk for data breaches that could disrupt business operations and damage customer trust, ultimately costing the company a lot more in the end.