Reports

SolarWinds Hacked Image

What SolarWinds Tells Us About Securing the Software Development Supply Chain

The recent SolarWinds attack highlights an Achilles heel for enterprises: software updates for critical enterprise applications. Digital signing of code is one solution, but organizations need to modernize their code signing processes to prioritize security and integrity and align with DevOps best practices, writes Brian Trzupek the Senior Vice President of Products at DigiCert in this thought leadership article.

The SOC Hop Needs to be a Relic of the Past

Overworked, understaffed teams constantly jumping from one fire to the next – exhausted and reactive to events and alerts. The “SOC hop” is not sustainable.

Deep Fake Faces

Can Blockchain Solve Data’s Integrity Problem?

The rapid digitalization and automation of business processes makes data integrity critical, as low-quality data risks infecting automated business decision process. Authors Dan Geer and T. Mark Morley suggest that blockchain may offer one solution to the data integrity problem.

Futility or Fruition?Rethinking Common Approaches To Cybersecurity

The current approaches most organizations take towards security are not good enough, writes Albert Zhichun Li, the Chief Security Scientist at Stellar Cyber. Something has to change.

Container Security Image

Containers Complicate Compliance (And What To Do About It)

If you work within the security industry, compliance is seen almost as a dirty word. You have likely run into situations like that which @Nemesis09 describes below. Here, we see it’s all too common for organizations to treat testing compliance as a checkbox exercise and to thereby view compliance in a way that goes against its entire purpose. There are challenges when it comes to compliance, for sure. Organizations need to figure out whether to shape their efforts to the letter of an existing law or to base their activities in the spirit of a “law” that best suits their security needs—even if that law doesn’t exists. There’s also the assumption that a company can acquire ‘good enough’ security by implementing a checkbox exercise, never mind the confusion explained by @Nemesis09. Podcast Episode 141: Massive Data Breaches Just Keep Happening. We Talk about Why. However, there is truth behind why […]