The responsibility for compliance with GDPR privacy laws, and the consequences of non-compliance can vary greatly from one organization to another. Often it is not clear who is responsible for data protection – whether or not they are a “data controller” or “data processor” – but here are some guidelines in order to help you determine which category your company falls into so as to best take necessary precautions against breaches or other potential illegalities.

Federated identity systems, such as Google Identity, bring security and convenience in the form of SSO for Internet or cloud applications. It is common to be prompted for authentication in order to grant various levels of access or permissions for applications ranging from Google Drive, Google Cloud SDK, Google Chrome plugins, Slack, Adobe, Dropbox, or Atlassian to numerous third-party apps.

The Anti-Phishing Working Group (APWG) has just released its Phishing Activity Trend Report for Q1 2021. The first findings are easily predictable; the dispersion of the workforce is pushing phishing attacks to new records: just in January 2021, the APWG detected 245,771 unique phishing sites, the highest number reported so far.

As an omni-channel customer service solution, Zendesk allows for companies to meet customers where they are by providing a variety of options for customer support, intake, and management of the overall customer experience (CX) process.

Devo recently published a new research report Beyond Cloud Adoption: How to Embrace the Cloud for Security and Business Benefits, based on a survey conducted by Enterprise Strategy Group (ESG). ESG surveyed 500 IT and security professionals working in the security operations center (SOC) chain of command at organizations with more than 1,000 employees in North America and Western Europe. The survey took place in the first quarter of 2021. This is the first in a series of posts about the report.

Snyk is a developer-first, cloud native security platform that scans for vulnerabilities across code, dependencies, containers, and infrastructure as code. Snyk does a great job of surfacing vulnerabilities in your codebase, but it can often be challenging to map these issues back to actual services and their owners. Fortunately, Snyk’s robust API can be used to tune Snyk to integrate into solutions designed to help engineering teams understand and improve their service-oriented architecture.

It’s no secret that organisations are up against skilled, relentless and determined adversaries. Security operations teams need to continuously test their detection capabilities by carrying out adversary emulation plans that are made up of varying tactics, techniques and procedures (TTPs) and track key metrics of their coverage in order to close any existing gaps. There are many tools available for running adversary emulation plans and performing purple team exercises.