In today’s hyperconnected landscape, the security of Internet of Things (IoT) devices is no longer optional—it’s essential. With over 50% of connected devices harbouring critical vulnerabilities, securing IoT devices is an important challenge for organizations. Traditional manual methods of securing and managing device identities are insufficient.

In the face of increasingly sophisticated cyber threats, the chief information security officer, or CISO, is responsible for ensuring the organization's data is secure. CISOs ensure that proper security strategies, policies, and technologies are working to meet their goals of mitigating risk, maintaining regulatory compliance, and upholding customer trust. A CISO helps align security initiatives with business goals, enabling growth while minimizing disruptions and vulnerabilities.

I recently sat down with Tejpal Garwhal, Application Security and DevSecOps Leader, for a conversation debunking some of the most common API security myths. From zombie endpoints to the limits of WAFS and gateways, we covered what’s really happening on the ground; and what security teams need to do differently. Here’s a quick rundown of the key takeaways, but for the full picture, watch the full webinar.

Audits are hard enough. Chasing down duplicate evidence across systems shouldn’t be part of the process. We’re excited to announce we’ve joined Fieldguide’s open ecosystem, the industry-leading AI-powered platform built for top global CPA firms and enterprise-focused audit providers. ‍ This integration is designed to reduce friction, eliminate redundant work, and help both companies and auditors complete reviews more efficiently with streamlined communications.

There’s a silent frustration building inside security teams today. It’s the fatigue of defending critical data with tools that can’t keep up. The friction of investigating endless false positives. The anxiety of not knowing what sensitive data is actually doing across your environment. And the sinking realization that despite massive investments, DLP tools are failing at the one thing they were designed to do–prevent data loss.

In 2010, the Australian Signals Directorate (ASD) developed a set of prioritised threat mitigation strategies to provide cybersecurity guidance to government agencies and organisations. Over time, eight of those strategies proved to be the most effective and were formalised into the Essential Eight (E8) framework, officially published in 2017.