FedRAMP, the federal risk and authorization management program, is a comprehensive and structured way to develop a security – mostly cybersecurity – position when working with the federal government. It’s a framework meant for contractors and third-party businesses that handle information for the government and who need to keep it secure. The question is, if you’re a cloud service provider, what are the benefits of implementing FedRAMP?

On May 20, 2024, Ticketmaster parent company Live Nation Entertainment launched an investigation after detecting unauthorized activity within a database containing company data. A week later, they were contacted by someone who threatened to sell their user data on the dark web. I, like many other Ticketmaster customers, became worried about my data, so I took immediate steps to protect myself. Here is what I did.

ISO 27001, the internationally recognised standard for information security management systems (ISMS), provides a framework for organisations to protect their valuable information assets. Penetration testing is crucial in preventing data breaches and maintaining the business’s reputation. ISO 27001 strongly recommends it as a critical tool for assessing an organisation’s security posture and ensuring compliance with control A.12.6.1, which focuses on managing technical vulnerabilities.

The public sector continues to be a target for cybercriminals as ransomware attacks and data breaches hit government organizations at all levels, incurring large financial costs and operational disruptions. The public sector is especially vulnerable to cyber attacks for a variety of reasons, including legacy systems, lack of resources, large amounts of sensitive data and the fact that it manages essential services.

The Payment Card Industry Data Security Standard (PCI DSS) is a global cornerstone for safeguarding cardholder data. PCI DSS version 4.0, the most recent iteration, emphasises a dynamic, risk-based approach to security, compelling organisations to tailor their controls to their unique environments. PCI DSS penetration tests are crucial for meeting and maintaining security standards.

With over 100 million users and partnerships with Microsoft, Reddit, Stack Overflow, and more, ChatGPT has become the herald of an AI revolution since its launch in late 2022. The rise of this AI-powered natural language processing tool comes down to two distinct features: its conversational nature, which allows anyone to ask questions and receive detailed and helpful responses, and its access to a global knowledge base.

The Payment Card Industry Data Security Standard (PCI DSS) is the gold standard for protecting cardholder data. With the recent release of version 4.0, the focus on securing APIs has intensified. But what does this mean for your organization, and why shouldn't you take API security with a grain of salt (pun intended)?