%term

Get ready for the New EU directive, NIS 2

May 28, 2024 By Cato Networks In Cato Networks

The NIS 2 Directive aims to enhance cybersecurity across the EU by extending regulations to a broader range of critical infrastructure operators and digital service providers. With a compliance deadline of October 17, 2024, organizations must strengthen their security measures to avoid fines and liability. Even non-EU companies serving EU citizens are affected.

View Video

Cato Networks

Read more about Get ready for the New EU directive, NIS 2

Complying With the New SEC Cybersecurity Regulations: A How-to Guide

May 28, 2024 By Kovrr In Kovrr

‍Since the SEC's latest cybersecurity regulations went into effect, thousands of companies have already been compelled to submit their annual Form 10-K with the novel Item 1C. Similarly, dozens of organizations have filed updated Form 8-Ks to disclose cybersecurity incidents. Slowly but surely, these public reports are helping investors become more aware of the intrinsic relationship between cyber risk and market value.

Read Post

Kovrr

Read more about Complying With the New SEC Cybersecurity Regulations: A How-to Guide

Achieving Automated TISAX Compliance

May 27, 2024 By Faisal Parkar In Tripwire

Cyberattacks on the automotive industry are becoming more sophisticated. In its 2024 Automotive Cybersecurity Report, Upstream found that 50% of all automotive cyber incidents in 2023 had a high or massive impact. Similarly, 95% of all attacks in 2023 were executed remotely, and 37% of attacker activities in the deep and dark web target multiple original equipment manufacturers (OEMs) simultaneously.

Read Post

Tripwire

Read more about Achieving Automated TISAX Compliance

Mastering SQL Injection : A Comprehensive Guide to SQL Map

May 27, 2024 By VISTA InfoSec In VISTA InfoSec

In this video we will learn about one of the most prevalent database threats today, SQL Injection attack which is a common method used by hackers to exploit vulnerabilities in web applications that interact with databases. Join us as we explore the inner workings of this malicious technique and understand how SQLMAP Tool, a powerful open-source penetration testing tool can be used to protect your data. With step-by-step examples and demonstrations, we will show how to install SQLMAP and take countermeasures.

View Video

VISTA InfoSec

Read more about Mastering SQL Injection : A Comprehensive Guide to SQL Map

What is FedRAMP? (And who needs to know)

May 26, 2024 By Richa Tiwari In TrustCloud

For SaaS applications and cloud service providers (CSPs), maintaining compliance with FedRAMP requirements is critical to the bottom line. It means the difference between working with U.S. government agencies—or not. But as one might expect from a bureaucratic process, getting FedRAMP authorization is complicated and takes time. Before starting the FedRAMP approval process, teams and company leaders must understand the required steps, prepare thoroughly, and muster their patience.

Read Post

TrustCloud

Read more about What is FedRAMP? (And who needs to know)

PCI DSS For Small Business

May 24, 2024 By Narendra Sahoo In VISTA InfoSec

In an era where digital transactions reign supreme, ensuring the security of payment card data is paramount for businesses. This is where the Payment Card Industry Data Security Standard (PCI DSS) comes into play, serving as a crucial framework for safeguarding sensitive information and protecting both businesses and consumers from the ever-present threat of cybercrime. While it is generally associated with large businesses, it is equally important for smaller ones as well.

Read Post

VISTA InfoSec

Read more about PCI DSS For Small Business

DORA Regulation: What Financial Institutions Need To Do

May 24, 2024 By Yannis Velitsikakis In Obrela

As a cybersecurity company, Obrela is vigilant in monitoring the evolving regulations and how these impact our clients, especially those in the financial sector. With the introduction of the Digital Operational Resilience Act (DORA), we see a transformative step forward in the European Union’s approach to financial cyber resilience. Here’s an overview of what DORA entails and what it means for financial entities.

Read Post

Obrela

Read more about DORA Regulation: What Financial Institutions Need To Do

Key Take Aways from RSA 2024

May 23, 2024 By Paul Davis In JFrog

The impact of the 2024 RSA Conference on security in San Francisco was beyond expectations. It was really a fantastic opportunity to meet an amazing group of individuals from all stages of the software supply chain from CISOs to researchers to development and security teams.

Read Post

JFrog

Read more about Key Take Aways from RSA 2024

How to Use the Terraform Destroy Command to Control Cyber Attack Damage

May 23, 2024 By Narendra Sahoo In VISTA InfoSec

In many cases, cutting something off is necessary to avoid bigger damage. This is the idea behind controlled infrastructure removal, the elimination of some parts of your cloud infrastructure to contain an attack or remove a potential attack surface. It is an important part of infrastructure-as-code (IaC) management and something organizations need to be familiar with as they secure their cloud environments and the apps they develop.

Read Post

VISTA InfoSec

Read more about How to Use the Terraform Destroy Command to Control Cyber Attack Damage

Guide: What is FedRAMP Tailored and What is The Difference?

May 23, 2024 By Max Aulakh In Ignyte

In the past, we’ve talked a lot about the various FedRAMP guidelines required to reach either a single Authority to Operate or a generalized Provisional Authority to Operate. One thing that can be said to be common to all of these is that, in general, you’re talking about FedRAMP Moderate Impact Levels when you discuss these kinds of standards and certification processes. This is because around 80% of cloud service providers and offerings are classified as Moderate impact.

Read Post