Music copyrights: how not to infringe
Musical compositions, both with and without lyrics, are protected as intellectual property under current law.
The Definitive Guide to Internet of Things (IoT) Privilege Access Management in 2023
According to a recent study, machine identities (IDs) are growing at twice the rate of human identities. To defend these machine identities in the IoT, privilege access management will be one of the most important areas of focus for businesses in the Internet of Things (IoT) space in 2023. As more and more devices are connected to the internet and can share data, it’s becoming increasingly important to make sure that only authorized users have access to sensitive information.
What the GDPR Means for Your Organization
The European Union (EU) General Data Protection Regulation (GDPR) turns five this year. While the law spawned many imitators, most notably the California Consumer Privacy Act (CCPA), the GDPR remains the world’s most comprehensive, far-reaching data privacy law to date. It gave European citizens a wide swath of new data privacy rights, while placing significant new data governance responsibilities on organizations.
Supply Chain Security: What is SLSA? (Part I)
Attacks on software supply chains have been around for some time, but recently they have evolved into much more dangerous threats. Let's dive into the SLSA framework to understand where supply chain security is headed.
Startups! Here's Your Guide to SOC 2: Readiness Assessment
A readiness assessment is the dry run before the official audit, so you can address potential issues before the actual audit takes place. It is not required, buthighlyrecommended to identify any gaps and plan resource allocation. Proper preparation is key – not only will you save time and resources, you’ll ensure a successful audit. Readiness assessments can be conducted by your organization’s internal resources, a CPA firm, or a consulting company.
Dev-First Prevention Strategies
Security and engineering teams often fail to find a balance between meeting the necessary security objectives for their organization and ensuring maximum velocity. While security teams view the process of blocking new critical severity vulnerabilities as a basic security best practice, engineering teams often push back out of fear that it will create too much friction for their developers. This dynamic is often based on prior experience with legacy security systems that focus almost solely on the needs of security and fail to support developers in this process.
Tracking the transport of radioactive sources with blockchain
This week, Australian authorities recovered a tiny capsule, just 6mm x 8mm (0.24 x 0.31 inches) along a 900km section of Australia’s longest highway, the Great Northern Highway. The pea-sized capsule was a radiation gauge containing caesium-137, a radioactive material with a half-life of 30.05 years, that is used to measure the density and flow of materials in the mining, and oil and gas industries.
Startup and Stability, Surprisingly now in the Same Sentence?
These are uncertain times in tech. If you’re at one of the many companies in the news recently, think back to why you joined. Was it the people? The tech? Or maybe… the perception of a rock-solid, not-going-anywhere, totally-guaranteed position? Things have changed lately.
Why Bots Threaten Your Cybersecurity
Say what you want about bots, but you have to admire their versatility. Bots do everything from rank Google results and serve up cat photos on your Facebook feed, to sway elections and defraud retailers. Basically, they’re quite flexible. These days, bad bots are big business, with cybercriminals around the world using them to fraudulently access accounts, attack networks, and steal data.
Secrets Need to be Secured Everywhere Not Just in Code Repositories
Organizations are unaware of the prevalence of API keys and secrets throughout their systems, and how their users are sharing and using them. Even with security best practices and policies in place, the lack of awareness or compliance, as well as the possibility of human error means that API keys and secrets need protection regardless of where they are stored or shared.