IT Operations

IT Operations | News, how-tos, features, reviews, and videos

A binary map of china.
facial recognition - biometric security identification

iot security startups hot highlights planets rocket lock security

18 cybersecurity startups to watch

Security startups are often innovation leaders that attempt to solve critical and persistent problems. These are some of the most interesting ones to watch as they tackle issues around multicloud security, identity management,...

noops devops automated developers ai code by andrey suslov

NIST workshop provides clues to upcoming software supply chain security guidelines

Experts at a NIST-sponsored workshop weigh in on what might be in the final version of the Biden executive-order-mandated supply chain security guidelines.

Unitd States cybersecurity   >   U.S. flag with a digital network of locks instead of stars

Pentagon announces version 2.0 of its controversial CMMC program

CMMC 2.0 simplifies the process for SMBs, but critics say the verification process relies too much on self-attestation.

nycrr cybersecurity gavel regulation compliance law nyc statue of liberty

Infrastructure bill includes $1.9 billion for cybersecurity

Passage of the infrastructure bill includes $1.9 billion for cybersecurity, and more could be on the way with the Build Back Better and other bills working their way through Congress.

A broken link in a digital chaing / weakness / vulnerability

CISA releases directive to remediate dangerous vulnerabilities across civilian agencies

While the move is applauded, a short timeframe to address vulnerabilities will be a challenge for security resource-strapped agencies.

USA / United States of America stars + stripes and binary code superimposed over The White House

Biden’s cybersecurity executive order, a progress report

Of the 46 tasks President Biden mandated to protect digital government assets, 19 are now completed, though not all agencies have reported their progress.

mark adams adobe cso headshot

How Adobe reduced compliance fatigue

With compliance putting undo strain on product teams, Adobe SVP and CSO Mark Adams and team built an automation platform. The effort paid off in scale, speed, and reduced risk and earned the software provider a CSO50 award for...

endpoint security hacker vulnerablility secure mobile security app

FCC asks carriers to step up to stop SIM swapping, port-out fraud

The US federal agency puts pressure on telecom carriers to put better authentication, account protection safeguards in place.

compliance compliant regulation rules stamp gdpr

Telos, Splunk, and StackArmor streamline ATO compliance on AWS

The FASTTR initiative from the three cloud and security companies aims to help regulated defense contractors and software providers navigate through complex government security regulations including FedRAMP, CMMC, FISMA, and...

keeping the cloud secure cloud security lock padlock private cloud

CISA's Cloud Security Technical Reference Architecture: Where it succeeds and where it falls short

CISA's reference architecture will help federal government agencies improve cloud security, but it relies too much on outdated guidance.

healthcare data breach / medical patient privacy security violation

Breach reporting required for health apps and devices, FTC says

A new policy statement makes it clear that the US Federal Trade Commission will hold healthcare app and device makers accountable for reporting data breaches.

Ransomware  >  An encrypted system, held ransom with lock + chain, displays a dollar sign.

US cryptocurrency exchange sanctions over ransomware likely not the last

The sanctions are aimed to cut ransomware gangs off from their revenue. Advisory on sanctions risks regarding ransomware payments also updated.

USA / United States of America stars + stripes and binary code superimposed over The White House

Software cybersecurity labels face practical, cost challenges

The federal government wants consumer software to have cybersecurity labels; experts question the feasibility of the mandate.

Unitd States cybersecurity   >   U.S. flag with a digital network of locks instead of stars

Federal agencies face new zero-trust cybersecurity requirements

The OMB and CISA issue guidance to move all federal agencies to a shared zero-trust maturity model for FY22-24. The catch: No new funding.

Stack of legal documents with compliance and regulatory stamp

Lack of C3PAO assessors jeopardizes DoD CMMC certification goal

Only 100 approved assessors are available to certify that 300,000 US DoD providers are in compliance with the Cybersecurity Maturity Model Certification by the 2023 deadline.

A gavel rests on open law book. [law / regulation / compliance / legal liability]

Security and privacy laws, regulations, and compliance: The complete guide

This handy directory provides summaries and links to the full text of each security or privacy law and regulation.

A laptop displays binary code and the flag of China.

China's PIPL privacy law imposes new data handling requirements

The Personal Information Protection Law will force global companies doing business in China to be more careful with cross-border flow of personal information.

cso security global breach networking hack invasion infiltrate 5g connected gettyimages 1211443622

Data sovereignty laws place new burdens on CISOs

More than 100 countries now require data on their citizens be stored or processed within their boundaries, presenting new data protection challenges.

Load More