Did you know that GitHub Copilot may suggest insecure code if your existing codebase contains security issues? On the other hand, if your codebase is already highly secure, Copilot is less likely to generate code with security issues. AI coding assistants can suggest insecure code due to their limited understanding of your specific codebase. They imitate learned patterns or utilize available context without providing judgment.

In July 2023, the SEC adopted a new rule requiring disclosure of “material” cybersecurity incidents and detailed information on cybersecurity risk management, strategy and governance by public companies. With the new rule taking effect in December and annual reports due for public release and consumption in the first few months 2024, companies are scrambling to closely review and hone their cyber programs to address these new reporting requirements.

In my previous blog post, What you can’t do with Kubernetes network policies (unless you use Calico): Advanced policy querying & reachability tooling, I talked about this use case from the list of nine things you cannot implement using basic Kubernetes network policy — advanced policy querying and reachability tooling. In this blog post, we’ll focus on the use case — the ability to log and analyze network security events.

Cloud storage is a fiercely competitive market, so your decision to back up sensitive information, business documents, or photos is more important than ever. Not all cloud storage businesses are made equal, however. Some are designed to be a secure vault for your data and protect your privacy, whereas others hold encryption keys that give them the power to decrypt and view your private information.

No, it is not safe to text a password because text messages are not encrypted. This means anyone can intercept the data being sent through texts, including passwords, placing your accounts at risk of becoming compromised. Continue reading to learn more about password-sharing practices to avoid and how you can share passwords safely with friends, family and colleagues.

In the world of government contracting, information security is taken very seriously. There are a dozen different standards for security depending on who you are, what information you handle, and what department you’re working with. We’ve talked about many of them before, such as DFARS, FedRAMP, and CMMC, but there’s yet another to discuss. As you’ve guessed, if you’ve read the title, or as you know from seeing this post, we’re talking about FIPS.

In today’s era of digital transformation, organizations are rapidly shifting towards a distributed and dynamic digital infrastructure. This new reality is characterized by hybrid workforces, software as a service (SaaS), and cloud hosting. While this transformation brings numerous benefits, it also introduces significant challenges for IT organizations, particularly in terms of maintaining visibility over user experience and performance management.

Read also: Zeus kingpin pleads guilty, the Medibank hacker arrested, and more.

Get insights into the EU's Digital Operational Resilience Act (DORA) and its impact on cybersecurity compliance for financial sector companies and their critical contractors.