APIs are being deployed so fast and at such scale that companies risk both not knowing what they have (Shadow APIs), and losing control of API security, including exposing vital data and processes.
NIST’s Guide to a Secure Enterprise Network Landscape released in November 2022 examines the shift from on-premise networks to multiple cloud servers. Although the guide doesn’t address SaaS applications directly many of the principles it discusses can be applied to the SaaS ecosystem.
As the world becomes more complex non-traditional approaches to ensuring data security and protection must be evaluated. In this article Wei Chieh, the founder of SWARMNETICS draws a parallel between how we treat open source software and the Asian organisational attitude toward White Hat hackers (or ‘independent security researchers’) as assets that might help to stem the tide of security breaches that Asian companies face today.
Automation is no longer an office-only reality. How can we ensure security when inviting automation into our homes? Should we be auditing smart home technology in the same way we audit our office automation?
Smart cities are here to stay. The complexity of the modern city simply demands that data is collected and used to ensure the quality of life of those who are using the services of the city. But just how much control and privacy are people willing to give up?
Quantitative cybersecurity budgeting helps security professionals properly translate security risks into business risks and demonstrate how cyber risks impact the organization as a whole – which are key to getting buy-in from non-technical stakeholders.
Smart devices are now a fact of life – they touch almost every part of our existence. Yet smart home devices have now further eroded our right to privacy. In this article we take a look at just how these devices have reduced our ability to resist an invasion of privacy - and just why we need to be aware of how that elusive goal of privacy is becoming even more difficult to attain.
A recent study conducted by Chubb in major Asia-Pacific markets reveals that SMEs tend to be both overconfident and underprepared when it comes to cyber awareness.
While confirming that SCCs are valid with the Privacy Shield gone, the CJEU underlined that they can only be relied upon when risks have been properly assessed and cannot amount to a “tickbox exercise.
The COVID pandemic and The Great Resignation have led to extensive upheaval in workforces and workplaces. How best to achieve and maintain continuous SOC 2 compliance in the face of these seismic shifts?
