In this blog post, we will explore how the computer security landscape has expanded to reach below the operating system levels, aiming to address areas that are often overlooked or completely neglected in cybersecurity. Attackers have discovered techniques to establish long-term persistence in compromised hosts by injecting malicious code to run before the operating system loads in areas commonly referred to as Basic Input Output System (BIOS).

I have worked as a security leader since the early commercial days of the internet, where the CISO role only existed in some areas of financial services. Participating in the growth and maturity of security as a business function has been an amazing journey. I have learned a lot of lessons on my own, through my personal experiences, or via my peers. One thing I was not able to do was learn from experienced CISOs that have time and distance to reflect on how to best be successful as a CISO.

The term artificial intelligence is used to describe an IT system’s simulation of human intelligence processes, such as the ability to adapt, solve problems or plan. Artificial intelligence systems cover several of these features at present and, with the advent of ChatGPT, their use has become widespread in everyday life. However, this has also resulted in organizations exploiting the term "artificial intelligence," seeking to capitalize on its appeal.

Researchers at Trustwave are tracking an increase in the use of QR codes to spread phishing links. “Being open-source, QR code generators have become accessible to anyone with access to the internet,” the researchers write.

With the goal of achieving robust and efficient data management, one cannot overlook the prowess of Rubrik Secure Cloud (RSC), a platform encapsulating a comprehensive suite of GraphQl APIs. As many organizations trust both Rubrik and ServiceNow for their operational needs, blending these two systems creates a potent synergy.

The volume of data moving to and collaborating in the cloud has spurred government concern and oversight over protecting sensitive personal, business, government and defence data. Data sovereignty is the concept of a country or jurisdiction having the right to govern and control digital data collection, storage, processing, and distribution within its borders. Organisations operating across international borders must comply with the rules of each country/jurisdiction where their data resides.