Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Most organizations are using AI in some way today, whether they know it or not. Some are merely beginning to experiment with it, using tools like chatbots. Others, however, have integrated agentic AI directly into their business procedures and APIs. While both types of organizations are undoubtedly realizing remarkable productivity and efficiency benefits, they may not know they are putting themselves at a significant security risk.

Using unapproved tools, software, and devices poses a significant risk to your organization. You never know what vulnerabilities so-called “shadow IT” may introduce, leaving your sensitive data and systems exposed to potential threats. In this article, we define the term shadow IT and explore several reasons why employees use unapproved software.

Legacy DLP solutions, as well as CASB and app-native DLP solutions, face significant challenges in providing comprehensive coverage across modern SaaS, AI apps, and endpoints. Lack of visibility, clumsy deployments, and expensive implementations are common drawbacks of using these tools — and they leave big gaps in data loss prevention. Even today, we’re still seeing the same problems that have persisted for decades in today’s DLP solutions.

Cybersecurity investment is a critical balancing act between cost and protection. Threat intelligence is often seen as a crucial part of this equation, providing insights that help businesses anticipate and prevent cyber attacks. Yet when it comes to evaluating the return on investment (ROI) of threat intelligence, the focus often remains narrowly on its role in threat detection. This limited perspective misses the broader strategic value that high-quality intelligence brings.

AI is transforming businesses — from automated agents performing background workflows, to improved search, to easier access and summarization of knowledge. While we are still early in what is likely going to be a substantial shift in how the world operates, two things are clear: the Internet, and how we interact with it, will change, and the boundaries of security and data privacy have never been more difficult to trace, making security an important topic in this shift.

Imagine building an LLM-powered assistant trained on your developer documentation and some internal guides to quickly help customers, reduce support workload, and improve user experience. Sounds great, right? But what if sensitive data, such as employee details or internal discussions, is included in the data used to train the LLM?

Generative AI is reshaping many aspects of our lives, from how we work and learn, to how we play and interact. Given that it's Security Week, it's a good time to think about some of the unintended consequences of this information revolution and the role that we play in bringing them about.

In anticipation of Bitsight’s upcoming 2025 Ratings Algorithm Update (RAU), many organizations are eager to learn more about what to expect from the changes. We are excited to share that the update will be ready for preview on April 8th in the Bitsight applications so that everyone can proactively prepare for the RAU.

In a report published by Statista, cybercrime cost the world over $9 trillion in 2024 and is predicted to rise to nearly $14 trillion by 2028. These figures are a deep source of worry for governments and private businesses about what’s next in the cyber threat landscape. The problem is that cyber threats are rising in both volume and scale. More so, the major threats are directed at emerging technologies, aiming to capitalize on weaknesses in emerging AI and ML systems.

About one in three organizations that leverage cloud service providers (CSPs) use Amazon Web Services (AWS), according to November 2024 research from Synergy Research Group. This means two things. One is that when attackers are looking to get the most out of a single exploit, they will likely craft them to target AWS systems. And two, that AWS data security best practices are a timely topic for a wide range of today's organizations.