Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

For organizations in highly regulated industries, any misconfiguration in their cloud environments can be detrimental to customer trust and privacy if overlooked. To mitigate this risk, DevOps and security engineers follow recognized compliance standards to quickly surface issues in their AWS, Azure, or Google Cloud environments. Organizations can take this work a step further by developing detection rules tailored to their unique business or security goals.

In this episode of the Future of Security Operations podcast, Thomas interviews Arthur Barnes, Senior Director of Security Operations at Oracle – the world’s largest database management company. Arthur is an experienced cybersecurity leader with 20 years of experience, having previously worked at Pearson, Dell, and M&S.

In a recent dive into the deep web, Foresiet, the cyber security firm has made a shocking discovery. Our team has uncovered a massive data breach of a healthcare company in Texas, US. The data breach has resulted in the exposure of sensitive patient information and has left the affected patients vulnerable to identity theft and other serious consequences. The Breach Details During our deep web exploration, we stumbled upon a downloadable link to the breached data.

It’s April, designated National Supply Chain Integrity month by CISA, NCSC, ONCD and Department of Defense, to promote resources, tools, and information to help organizations and agencies secure their supply chains and build resilience. But what role does blockchain play in supply chain and how easy is it to implement? Blockchain technology has numerous potential applications in supply chain due to its ability to provide a secure, transparent, and tamper-proof ledger of transactions.

4/11/2023 - Gizmodo just dropped this eye-roll inducing news. The disgraced crypto exchange had no dedicated cybersecurity staff and "protected" users assets with minimal safeguards, according to new bankruptcy filings. Here are just two paragraphs of the whole story. The whole thing is unbelievable.

SOC 2 is a compliance standard for service organizations, developed by the American Institute of CPAs (AICPA), which specifies how organizations should manage customer data. SOC 2 is based on five overarching Trust Services Criteria (TSC): security, availability, processing integrity, confidentiality, and privacy. Specifically, the security criteria are broken down into nine sections called common criteria (CC).

External Attack Surface Management (EASM) and Digital Risk Protection Services (DRPS) are two important tools in the arsenal of any organization’s cybersecurity strategy. However, there is a significant difference between the two approaches that should not be overlooked.