Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Effectively acting as an invisible shield, the inner workings of IoT security are often taken for granted. However, we can focus and shine a light on the protocols and practices that provide the foundation of IoT security to help others see how these efficiently operate behind the scenes to protect complex networks of interconnected devices.

Threat actors are increasingly tailoring their attacks to target social media apps and smartphone users, according to a new report from the Anti-Phishing Working Group (APWG). As email security technologies improve, scammers are turning to social media apps, text messages, and voice calls to conduct social engineering attacks.

Think of a cluttered desk, but on a digital scale. Businesses rely on hundreds of cloud-based, third-party Software-as-a-Service (SaaS) applications. Over a quarter (28%) of SME employees require 11 or more tools to manage the worker lifecycle. From the end user perspective, this isn’t a bad thing at all. Why not? SaaS applications are easy to activate, often coming with free editions or low-cost versions that accomplish a specialized task.

Striking the right balance between innovation using Artificial Intelligence (AI) and Large Language Models (LLMs) and data protection is essential. In this blog, we’ll explore critical strategies for ensuring AI and LLM data security, highlighting some trade-offs.

In this age of digital supremacy, keeping our data safe and respecting privacy are super important. As more and more people and businesses use online platforms, it’s crucial to understand what types of data need that extra layer of protection, especially when it comes to PII vs PHI vs PCI. Understanding the distinctions between PII (Personally Identifiable Information), PHI (Protected Health Information), and PCI (Payment Card Information) is crucial.

The slow and steady progression of technology has transformed the way we work (and think about work) in so many exciting ways. The past few decades have opened new opportunities to create, automate, and manage just about everything that might exist within the IT ecosystem… but sometimes that progression creates complexity and conflict, as new technology solutions clash with existing standards and operations.

Earlier this month, I was thrilled to join forces with the team at Dark Reading for a webinar on the future of AI in security operations. Titled CISO Perspectives: How to make AI an accelerator, not a blocker, the webinar allowed me to take a deep dive into the future role of AI in security with some of the most knowledgeable CISOs on the subject, Mandy Andress of Elastic and Matt Hillary of Drata.

The momentous rise of AI continues, and more and more customers are demanding concrete results from these early implementations. The time has come for tech companies to prove what AI can do beyond adding conversational chat agents to website sidebars. Fortunately, it’s easy to see how cloud data protection has already benefited from advancements in AI and ML. Headline-grabbing large-language models are also making protecting data in the cloud easier to manage across organizations. ‍

Snyk Code was the only code security tool shortlisted by developers as an AI tool they’ve been regularly using this past year or are looking forward to using next year in Stack Overflow’s recent 2024 AI Search and Developer Tools survey. This underlines Snyk’s dominance as the favorite AI security tool of both developers and security teams and confirms that Snyk Code is providing immense value to developers.