IT Operations

IT Operations | News, how-tos, features, reviews, and videos

Conceptual image of a network labeled 'Zero Trust.'

OMB issues zero-trust strategy for federal agencies

All federal agencies must meet zero-trust goals that the U.S. Office of Management and Budget has set by 2024, building on earlier federal cybersecurity initiatives.

Global geopolitical vectors

Data residency laws pushing companies toward residency as a service

Many countries now require companies that operate within its boundaries to store data on their residents locally. Using residency-as-a-service providers is becoming an important option.

An engineer reviews strategy framework data.

Using the NIST Cybersecurity Framework to address organizational risk

NIST's CSF, used with other guidance, can help map risk to actual threats and better comply with security mandates such as the U.S.'s cybersecurity executive order.

rules rulebook law compliance regulation by baloon111 getty

FTC, SEC raise legal risks surrounding the log4j flaw

The U.S. Federal Trade Commission also threatened possible legal action for companies that don't address the risk from the Log4j vulnerabilities.

One avatar is uniquely identified among others at the center of a bullseye in a digital environment.

What is PII? Examples, laws, and standards

Personally identifiable information (PII), is any piece of data that could be used—either alone or when combined with other data—to identify an individual. Some types of PII are obvious, such as a name or Social Security number, but...

Gears in the form of a cloud in a binary field  >  Cloud controls

UK NCSC updates Cyber Essentials technical controls requirements and pricing structure

Technical controls update includes revisions surrounding the use of cloud services, multi-factor authentication, and password management. New pricing structure better reflects organisational size and complexity.

01 intro prediction

Top 8 cybersecurity predictions for 2022

Seeing opportunities in the mass move to remote work, cyberattackers are updating their tactics, compelling security leaders to respond. Experts make their predictions about threat reduction, compliance, supply chain management,...

iot security startups hot highlights planets rocket lock security

18 cybersecurity startups to watch

Security startups are often innovation leaders that attempt to solve critical and persistent problems. These are some of the most interesting ones to watch as they tackle issues around multicloud security, identity management,...

USA / United States of America stars + stripes and binary code superimposed over The White House

NIST gears up for software security and IoT labeling pilot programs

Intended to help consumer make more secure software and IoT device purchases, the labeling guidelines are voluntary and self-policing at this time.

A binary map of china.

China's Personal Information Protection Law (PIPL) presents challenges for CISOs

PIPL's data localization mandate places unique requirements on businesses operating in China, and regulators have great leeway to assess fines.

facial recognition - biometric security identification

UK ICO to fine Clearview AI £17 million for data protection law breaches

The facial recognition company is cited for not having proper data protection processes in place or a lawful reason to collect personal information, among other violations.

noops devops automated developers ai code by andrey suslov

NIST workshop provides clues to upcoming software supply chain security guidelines

Experts at a NIST-sponsored workshop weigh in on what might be in the final version of the Biden executive-order-mandated supply chain security guidelines.

Unitd States cybersecurity   >   U.S. flag with a digital network of locks instead of stars

Pentagon announces version 2.0 of its controversial CMMC program

CMMC 2.0 simplifies the process for SMBs, but critics say the verification process relies too much on self-attestation.

nycrr cybersecurity gavel regulation compliance law nyc statue of liberty

Infrastructure bill includes $1.9 billion for cybersecurity

Passage of the infrastructure bill includes $1.9 billion for cybersecurity, and more could be on the way with the Build Back Better and other bills working their way through Congress.

A broken link in a digital chaing / weakness / vulnerability

CISA releases directive to remediate dangerous vulnerabilities across civilian agencies

While the move is applauded, a short timeframe to address vulnerabilities will be a challenge for security resource-strapped agencies.

USA / United States of America stars + stripes and binary code superimposed over The White House

Biden’s cybersecurity executive order, a progress report

Of the 46 tasks President Biden mandated to protect digital government assets, 19 are now completed, though not all agencies have reported their progress.

mark adams adobe cso headshot

How Adobe reduced compliance fatigue

With compliance putting undo strain on product teams, Adobe SVP and CSO Mark Adams and team built an automation platform. The effort paid off in scale, speed, and reduced risk and earned the software provider a CSO50 award for...

endpoint security hacker vulnerablility secure mobile security app

FCC asks carriers to step up to stop SIM swapping, port-out fraud

The US federal agency puts pressure on telecom carriers to put better authentication, account protection safeguards in place.

compliance compliant regulation rules stamp gdpr

Telos, Splunk, and StackArmor streamline ATO compliance on AWS

The FASTTR initiative from the three cloud and security companies aims to help regulated defense contractors and software providers navigate through complex government security regulations including FedRAMP, CMMC, FISMA, and...

keeping the cloud secure cloud security lock padlock private cloud

CISA's Cloud Security Technical Reference Architecture: Where it succeeds and where it falls short

CISA's reference architecture will help federal government agencies improve cloud security, but it relies too much on outdated guidance.

Load More
You Might Also Like