As security leaders, you’re tasked with protecting the crown jewels of our organizations, your data, while balancing innovation, compliance, and ever-evolving threats. Yet, too often, data security strategies rely on isolated tools and reactive measures, leaving critical gaps.

The Securities and Exchange Board of India (SEBI) has raised the bar on cybersecurity with its newly introduced Cybersecurity and Cyber Resilience Framework (CSCRF), effective August 20, 2024. For regulated entities (REs)—including stockbrokers, depositories, asset managers, and alternative investment funds—the framework not only requires compliance but also lays out a clear path toward resilience. These new guidelines require REs to implement VAPT and risk management, among other mandates.

In the spring of 2024, amid growing international concern about supply chain risk and the trust and reliability of technology suppliers, the United States banned Kaspersky Lab, Inc., the Russia-based antivirus company from providing its products to the US market. The ban went into effect on September 30, 2024. What impact has the ban had on US and global usage of Kaspersky? Has it been effective? A new analysis from Bitsight contains some surprising results.

As we approach the end of the year, many of us are reflecting on what we accomplished in 2024 — what did we do well this year? What could we have done better? It's also the perfect time to reflect on how to improve your team’s security practices. Have you been staying ahead of threats or have you let a few vulnerabilities slip through the cracks?

We’re officially in the final days of 2024, a year so eventful it feels difficult to remember half of what happened. We had the Olympics in Paris, which turned the world into fans of sharpshooting, breakdancing, and the pommel horse; a solar eclipse visible in totality from the US for the first time since 1979; and a monthslong, very impassioned rap battle between Kendrick Lamar and Drake.

CVE-2024-52875 is an HTTP Response Splitting vulnerability in Kerio Control. This flaw allows an attacker to inject malicious input into HTTP response headers by introducing carriage return (\r) and line feed (\n) characters. Such manipulation can cause the server to send multiple HTTP responses instead of one, leading to various attacks.

In an era where digital resilience is vital to corporate health, cybersecurity is a critical governance issue. The partnership between Bitsight and Glass Lewis underscores this reality by providing companies with a forward-thinking approach to assessing cybersecurity as part of Environmental, Social, and Governance (ESG) considerations.

While GitHub offers robust features, preventing data loss risks requires proactive measures. It’s vital as businesses increasingly rely on GitHub for source code management, safeguarding repositories against data loss, breaches, and operational disruptions. This overview explores the 15 most common data risks and provides actionable strategies for securing repositories and maintaining seamless development workflows. Contents hide 1 Risk 1. Accidental deletion of repositories 2 Risk 2.