In 2022, the adoption of infrastructure as code (IaC) soared, with IaC domain specific languages like HCL, Shell and GoLang gaining popularity and momentum across the open source tools ecosystem. In fact, the rise of Policy as Code is the result of a new paradigm blurring the lines between IT, legal and R&D departments – everything as code. But what do developers have to do with compliance and infrastructure provisioning? What does PaC entail, and what types of PaC are there?

I get the WSJ Cybersecurity newsletter, which by the way is warmly recommended. Kim Nash today reported a shocker which will make everyone's insurance premiums go even further up: "Six years after the worldwide NotPetya cyberattack, a court ruled insurers for Merck & Co. must help cover $1.4 billion in losses. New Jersey appellate division judges rejected the insurers' argument that the 2017 attack, which U.S.

Security professionals have become all too familiar with the threat posed by phishing. Whether it’s a convincing looking email asking an employee to click a link to update their login credentials or a surprise text from the CEO asking them to send over gift card codes for a customer, phishing attacks have only continued to grow over the years. For 2023 alone, 33 million data records are expected to be compromised due to phishing attacks.

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Analyzing an organization’s security posture through the prism of a potential intruder’s tactics, techniques, and procedures (TTPs) provides actionable insights into the exploitable attack surface.

Earlier today, Google announced that you can now create and use a passkey to secure your personal Google account. This support is an important step toward the widespread adoption of a simpler, more secure alternative to passwords.

The move to hybrid work environments came suddenly for some organizations, while for others, it had been building incrementally. Regardless of how it happened, few came to it with a strategic plan for how IT would handle it. The result has been myriad challenges that span the physical and digital. On the digital front, one of the biggest challenges is related to secure file sharing.

We’re excited to announce the newest addition to Vanta’s product portfolio, Vendor Risk Management, as well as improvements to Access Reviews, and more updates from April: ‍ ‍ ‍

We hope you're all doing well and staying secure. The team at LimaCharlie has been hard at work developing cybersecurity solutions that are accessible and effective, and we're excited to share some recent updates with you. Last week, we had the opportunity to attend both BSides San Francisco and RSA, where we were able to connect with other cybersecurity professionals and showcase some of our latest developments.

While there continues to be (limited) debate about on-premises file servers and cloud file storage, the fight is over, and the cloud has won. If you are still in doubt, take a few minutes to review the limitations and costs of on-premises file servers as well as the benefits of cloud file servers.