The recent SolarWinds attack highlights an Achilles heel for enterprises: software updates for critical enterprise applications. Digital signing of code is one solution, but organizations need to modernize their code signing processes to prioritize security and integrity and align with DevOps best practices, writes Brian Trzupek the Senior Vice President of Products at DigiCert in this thought leadership article.
Overworked, understaffed teams constantly jumping from one fire to the next – exhausted and reactive to events and alerts. The “SOC hop” is not sustainable.
The rapid digitalization and automation of business processes makes data integrity critical, as low-quality data risks infecting automated business decision process. Authors Dan Geer and T. Mark Morley suggest that blockchain may offer one solution to the data integrity problem.
The current approaches most organizations take towards security are not good enough, writes Albert Zhichun Li, the Chief Security Scientist at Stellar Cyber. Something has to change.
If you work within the security industry, compliance is seen almost as a dirty word. You have likely run into situations like that which @Nemesis09 describes below. Here, we see it’s all too common for organizations to treat testing compliance as a checkbox exercise and to thereby view compliance in a way that goes against its entire purpose. There are challenges when it comes to compliance, for sure. Organizations need to figure out whether to shape their efforts to the letter of an existing law or to base their activities in the spirit of a “law” that best suits their security needs—even if that law doesn’t exists. There’s also the assumption that a company can acquire ‘good enough’ security by implementing a checkbox exercise, never mind the confusion explained by @Nemesis09. Podcast Episode 141: Massive Data Breaches Just Keep Happening. We Talk about Why. However, there is truth behind why […]