Over the winter holidays, Southwest Airlines, one of the U.S.’ largest and most reputable airlines was forced to cancel around 45% of its scheduled flights. It’s difficult to pinpoint the exact reason for this meltdown, but in my opinion this is likely due to outdated infrastructure and IT systems. Other airlines also had to deal with bad weather and holiday traffic, but were not faced with the same level of disruption.

It’s rare that a week goes by without at least one data breach making the news. Criminals are targeting companies of all sizes to see if they can slip past their digital defenses and steal confidential data.

VodafoneIdea Limited, a leading Indian Telecom Operator has successfully achieved SOC2 Attestation. After undergoing a rigorous auditing process, VodafoneIdea achieved SOC2 Attestation from VISTA InfoSec, a well-known Global Cybersecurity Consulting, and Certification organization. The SOC2 Audit and Attestation is an assessment of internal controls and security practices conducted by the independent auditors of VISTA InfoSec.

Audit Policy: Object Access: Certification Services” is a setting in the Windows operating system that controls whether or not the system generates audit events when a certificate is requested or used for authentication purposes.

We continue to innovate quickly to help you improve your compliance and security programs. This past month, we launched our own security awareness training video, along with these exciting platform updates: ‍

APIs are everywhere, enabling businesses to maximize business value. From digital transformation and application modernization to cloud migration and microservices, API-first app architectures are finding their way into every technology touchpoint, giving rise to API sprawl. Consequently, most DevOps and security teams are uncertain about all the active and exposed APIs, and are lacking proper strategies to manage API sprawl.

Audit Policy: Object Access: File System is a setting in the Microsoft Windows operating system that determines whether the system generates audit events when certain actions are taken on files and directories stored on the file system. When this setting is enabled, the system will log events such as when a file or directory is read, written to, or deleted. This can be useful for tracking changes to sensitive files or for troubleshooting issues with file access.

In October 2022, data center construction reached a record high, reflecting our reliance on collecting, storing, and securing data. This reliance permeates businesses across all industries and puts pressure on data centers storing and processing large amounts of data–much of which is sensitive.

I am yet to meet a CISO who has been given unlimited resources to secure the organization, and in almost all cases, there is more work that can be done to improve security. So given infinite time and resources, how to prioritize the next strategic initiative or project? The increasing maturity of security control frameworks such as those developed by NIST and CIS provide a good structure for maturing a cyber security programme, mapped to preventing common tactics, techniques and procedures .