Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Say you’re a medium-sized financial organization. Your clients trust you to not only provide excellent financial services, but to keep their money, financial data, and personal data safe. Unfortunately, the amount of money you store and move attracts a wide array of cybercriminals. Staying safe can become complicated, but no bank, trust, or credit union wants to gain headlines and lose customers over a breach. That’s where SOC2 (System and Organization Controls), can make a major difference.

The licensing partnership with the Navy will allow the Ignyte team to integrate SCAP with the existing open source ecosystem to bring the capability to a broader set of potential customers that serve the military.

Whether your org is about to begin its journey for SOC 2, or you’re planning to wrangle up more standards (think ISO 27001, CMMC, and HIPAA, to name a few), the set of tools and software you have in place can be make-or-break. We asked our customers what their recommended tools were, and compiled your shopping list for security and privacy program essentials. Tools or services marked with * denotes a partner or integration.

We are thrilled to announce that ARMO, the makers of Kubescape and ARMO Platform, has successfully obtained the SOC 2 certification. This achievement underscores ARMO’s unwavering commitment to maintaining the highest standards of security, privacy, and operational excellence for its customers and users. With the SOC 2 certification, ARMO demonstrates its dedication to safeguarding customer data and fortifying trust in its platform.

Whether it is reporting a phishing email or something that might be illegal that a coworker is doing, your employees should be a strong last line of defense for security and compliance. According to Gartner, almost 60 percent of all misconduct that is observed in the workplace never gets reported. For decades both compliance officers and security leaders have known that the earlier employees report incidents, the lower the risk. Yet low reporting rates continue to be a problem.

The Gramm-Leach Bliley Act (GLBA or GLB Act), or financial modernization act, is a bi-partisan federal regulation passed in 1999 to modernize the financial industry. It repealed vast swathes of the Glass-Steagall Act of 1933 and the Bank Holding Act of 1956, allowing commercial banks to offer financial services such as investments or insurance. It also controls how financial institutions deal with their customer's private information.

In March 2022, the U.S. Securities and Exchange Commission (SEC) issued a proposed rule, the Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, that, if adopted, would require companies to disclose their cybersecurity governance capabilities and the role of the board concerning oversight of cyber risk.

Businesses in all industries face a constant barrage of threats and attacks. For government contractors (GovCons) handling sensitive information, ensuring robust security measures is paramount. A Managed Security Services Provider (MSSP) can be a valuable partner in safeguarding your organization’s critical assets. In this section, we will explore what an MSSP is, why GovCons need one, how to choose the right MSSP, and the essential questions to ask before hiring one.

Defense contractors face increasingly sophisticated cyber threats that can compromise sensitive data and disrupt operations. To combat these risks, the Department of Defense (DoD) has implemented the Cybersecurity Maturity Model Certification (CMMC).