Data and Information Security
Data and Information Security | News, how-tos, features, reviews, and videos
Inactive, unmaintained Salesforce sites vulnerable to threat actors
Research highlights the risks posed by inactive Salesforce sites that continue to pull sensitive business data and can be easily exploited by malicious actors.
6 ways generative AI chatbots and LLMs can enhance cybersecurity
Generative AI chatbots and large language models can be a double-edged swords from a risk perspective, but with proper use they can also improve cybersecurity in key ways
Researchers show ways to abuse Microsoft Teams accounts for lateral movement
Attackers have several ways to enable lateral movement within a network via a compromised Teams account.
IBM unveils end-to-end, quantum-safe tools to secure business, government data
Quantum Safe Technology combines expertise across cryptography and critical infrastructure to address the future security risks posed by quantum computing.
Evil digital twins and other risks: the use of twins opens up a host of new security concerns
Digital twins are incredibly useful tools for a range of industries. But they also come with intrinsic risk factors and could create new avenues for attacks unless security is involved when they’re created.
Small- and medium-sized businesses: don’t give up on cybersecurity
When the focus is often on the big hacking and ransomware cases involving multinational companies and governments, small- and medium-sized businesses can often feel left behind and powerless. But help is out there.
Samsung bans staff AI use over data leak concerns
Samsung has reportedly issued a memo prohibiting the use of generative AI systems like ChatGPT to prevent the upload of sensitive company data to external servers.
The hidden security risks in tech layoffs and how to mitigate them
Layoffs can be tough for both companies and employees. When grappling with anger, fear, and uncertainty, it's hard for anyone to be at their best. Here are some strategies for avoiding negative outcomes during layoffs.
Embracing zero-trust: a look at the NSA’s recommended IAM best practices for administrators
The US National Security Agency and CISA have published a set of guidelines to help secure systems from access- and identity-based threats. Here’s what to look for in this wide-ranging document.
AI-powered chatbots: the threats to national security are only beginning
As ChatGPT burst on the scene, it became quickly apparent that it holds as many threats as it does wonders. Nation-states around the world are beginning to grapple with the dangers posed by chatbots even as they worry about what comes...
North Dakota turns to AI to boost effectiveness and efficiency of its cybersecurity
The 19th-largest state in the US partnered with a cybersecurity vendor to shore up its defenses and take the pressure off staff. Artificial intelligence and machine learning have taken on big roles in the upgrade process.
Global intelligence assessments: you are the target
There’s a lot CISOs can learn from the reports that intelligence services from around the world generate on nation-state threats and tactics.
Russian cyber spy group APT28 backdoors Cisco routers via SNMP
The spy agency has been exploiting an old vulnerability that allows bad actors to gain access through simple network management protocol credentials.
Top risks and best practices for securely offboarding employees
Outgoing employees pose significant security risks to organizations. Here are some of the major issues with offboarding and what CISOs can do to make staff offboarding strategies more resilient.
SpinOne adds new capabilities to secure SaaS applications and data
Spin.ai's SpinOne adds SaaS security posture management and SaaS data leak prevention/loss protection modules, along with Jira, Slack and ServiceNow support, to streamline SaaS cybersecurity.
The classified document leak: let’s talk about Jack Teixeira’s need-to-know
The release of classified documents by a US Air National Guardsman highlights how important it is for CISOs to consider who should have access to sensitive data and why.
7 cybersecurity mindsets that undermine practitioners and how to avoid them
CISOs and other security practitioners can sometimes see things from a negative perspective, which is understandable given the nature of the job. But correcting how we see the role of cybersecurity can lead to much more positive...
