In the previous post, we discussed the basics of Threat Intelligence and its types by throwing light on the concept of knowns and unknowns. In information security, any information which can aid the internal security team in the decision-making process and reduce the recovery time accordingly is considered as threat intelligence. This first part in this series of articles will discuss threat intelligence cycle and its importance.

Many industries have sweepingly digitized their documentation in the name of efficiency – substantial efficiency. The healthcare industry created the electronic health record (EHR) in the name of efficiency as well (among other benefits). But EHRs are far from universal in the medical space. While some hospitals and practices are simply slow to adopt modern practices, the greatest barrier to the universal adoption of electronic health records is privacy and security.

Recently, the Defense Advanced Research Project Agency (DARPA) announced a multi-year investment of more than $2 billion in new and existing programs in artificial intelligence called the “AI Next campaign. Agency director, Dr. Steven Walker, explained the implications of the initiative: “we want to explore how machines can acquire human-like communication and reasoning capabilities, with the ability to recognize new situations and environments and adapt to them.”

We are all no doubt aware of phishing. That age-old practice of sending fraudulent emails with the hope of gaining financial details, obtaining account credentials or tricking a user into installing malicious software. The practice is not new. In fact, before the wide-spread use of the internet, people would often receive letters claiming that they had won some sort of competition and to claim their prize, all they had to do was send some cash to front the delivery costs.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. A lot to get worked up about this week, and I will skip the majority of the noise about British Airways and yet more MongoDB related shenanigans, to highlight another kind of oversight: Deploying publicly accessible web content with Git and not cleaning up afterwards – or not doing it in the first place perhaps.

It shouldn’t come as a surprise to anyone reading this article that there has been a major shift towards businesses hosting their critical applications in the cloud. Software-as-a-Service (SaaS), as well as cloud-based servers from Amazon or Microsoft, have changed the way we build networked business systems for any size organization.

This summer, California passed groundbreaking privacy rights legislation through the California Consumer Privacy Act. The law takes effect January 1, 2020 but companies need to have data tracking systems in place by the beginning of 2019. Even if your business is not located in California, you may be liable - so here’s everything you need to know to get your data security compliant.