Cybersecurity trends in SEC filings
In 2023, the Securities and Exchange Commission (SEC) required public companies to include a new section […]
GDPR set the tone for regulatory action — and the AI fine pushback to come
Big tech firms continue to push back against fines levied for alleged violations of European data […]
IBM and Red Hat want to become the ‘security clearinghouse’ for open source applications in the enterprise
Open source code is everywhere in the enterprise; it’s estimated that upwards of 90% of Fortune […]
Lack of response to critical vulnerability in Gogs is a reminder of the limits of open source projects
A newly discovered and so far unpatched critical vulnerability in the open source Gogs Git service […]
Indian CERT urges firms to contain exploited internet-facing flaws within 12 hours
India’s cybersecurity agency, CERT-In, has urged organizations to patch, mitigate, or isolate known exploited vulnerabilities affecting […]
GlassWorm falls, but the repo problem is far from solved
Taking down a sprawling malware operation once signaled progress in securing the open-source ecosystem. Now, it […]
The AI governance imperative you can’t afford to ignore
CIOs rushing to roll out AI agents without real visibility into their decision-making processes are flirting […]
What the industrialization of exploitation means for defenders
For decades, cybersecurity was a battle of skill. Elite attackers versus elite defenders. The rules of […]
DPDP Compliance Starts With Your Keys: 5 Non-Negotiable KMS Controls for Indian Enterprises
India Digital Personal Data Protection Act (DPDPA) 2023 is no longer just a distant hope to […]
Employees are unknowingly inviting tech support impersonators into firms, says FBI
Online or telephone IT support scams have been tricking employees into downloading or clicking on malware […]