Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Things to do before you switch audit firms | TrustTalks - Ep 4 | Security and GRC Podcast

Switching audit firms is not just a routine decision; it’s a strategic move that can significantly impact your business’s financial health and compliance. Whether you’re dissatisfied with your current auditor’s performance, seeking specialized expertise, or looking to cut costs, making the switch can offer numerous benefits and challenges. In this podcast, we’ll explore what happens when you switch audit firms, including the steps involved, potential risks, and key considerations to ensure a smooth transition.

Privacy vs confidentiality: What is the difference? | TrustTalks - Ep 3 | Security and GRC Podcast

Are you confused about the difference between privacy and confidentiality? Don’t worry, you’re not alone. While these terms are often used interchangeably, they actually have distinct meanings. In this podcast, we will explore the nuances of privacy and confidentiality, helping you understand their significance and how they relate to each other. Privacy refers to the right to maintain control over your personal information. It involves the ability to keep certain details about your life, preferences, and activities private and secure.

Quick guide to ISO 42001 and NIST AI RMF | TrustTalks - Ep 2

As businesses increasingly turn to artificial intelligence (AI) to enhance innovation and operational efficiency, the need for ethical and safe implementation becomes more crucial than ever. While AI offers immense potential, it also introduces risks related to privacy, bias, and security, prompting organizations to seek robust frameworks to manage these concerns. In response to this surge in AI adoption, national and international bodies have been developing guidelines to help companies navigate these challenges. These frameworks not only aim to mitigate potential risks but also ensure compliance with evolving regulations.

Protecting Against Bot-Enabled API Abuse

APIs have become the backbone of modern digital ecosystems, powering everything from mobile apps to e-commerce platforms. However, as APIs grow in importance, they also become prime targets for malicious actors. Increasingly, bots are being weaponized to exploit vulnerabilities, overwhelm systems, and siphon sensitive data—all without triggering alarms until it’s too late.

Admin update: Create auto-lock, release channel, and 1Password browser extension rules

Every organization has its own team culture, processes, and security requirements. That’s why we’re continuously updating 1Password Enterprise Password Manager with new options that give you greater flexibility and granular control.

CrowdStrike Announces Falcon Identity Protection for AWS IAM Identity Center

As organizations scale their operations on Amazon Web Services (AWS), they must secure their identities and ensure all users have the correct permissions. AWS IAM Identity Center is built to simplify access management across multiple AWS accounts — a critical tool for rapidly growing AWS environments. This hub for identity data and processes demands strong protection against the identity-focused threats growing popular among today’s adversaries.

The Rise of Cross-Domain Attacks Demands a Unified Defense

Modern adversaries are quiet. No longer reliant on clunky malware to breach their targets, they have adopted more subtle and effective methods to infiltrate businesses, move laterally and access critical applications, steal data, impersonate users and more. They are also gaining speed: The average eCrime breakout time, now just 62 minutes, has fallen in recent years as adversaries accelerate from initial intrusion to lateral movement.

CrowdStrike Showcases Cloud Security Innovation and Leadership at AWS re:Invent

As organizations accelerate their innovation in the cloud and their adoption of AI, securing AI workloads and identities has become critical. Misconfigurations, vulnerabilities and identity-based threats expose high-value assets to potential manipulation and exploitation. For AWS customers, advancing cloud security means establishing resilient guardrails that protect innovation without compromising speed.

Why Protecting Third-Party APIs is Essential for Enterprise Security

In today’s rapidly interconnected digital environment, third-party APIs have become fundamental for enhancing functionality and enriching user experiences. However, as seen in recent incidents like the Kaiser data breach, these third-party integrations carry risks that, if unaddressed, can lead to significant security and privacy violations.