Originally published by CXO REvolutionaries. Picture this: you’ve just finalized your M&A deal, only to discover a cybersecurity incident emerging—whether it’s a breach, data leak, or system compromise. Suddenly, the clock is ticking, and you’re faced with a tight deadline to report this material event to the SEC and your stakeholders. Recent...
Originally published by Pentera. Every company has some level of tech debt. Unless you’re a brand new start-up, you most likely have a patchwork of solutions that have been implemented throughout the years, often under various leadership teams with different priorities and goals. As those technologies age, they can leave your organization vulnerable to cyber threats...
Originally published by Truyo. With the full text of the EU AI Act made public, Truyo President Dan Clarke read through the Act in its entirety to identify key elements that will be crucial to compliance for organizations in scope. The Act includes the conventional components of transparency, privacy, education, security, non-discrimination, and risk assessment...
Originally published by CXO REvolutionaries. Written by Ben Corll, CISO in Residence, Zscaler. In early 2024, I had the privilege of teaching a SANS leadership course in New Orleans. The food was amazing, as expected. What I didn’t expect was the sheer number of operational technology (OT) security professionals who would be in attendance. As I attended the...
One consequence of serving as SFS president is that I have become more attuned to the rich array of contributions made by individuals in our community. Rather than attempting to impart wisdom or inspiration directly (fat chance, Baxter!), I’ll encourage you to find these in my accounts of others–I’ve always been a story-teller anyway, though an admittedly...
Deep in Rankin county, on a road that connects two small, predominantly white Mississippi towns, sits a red brick house that my great-great-grandfather built. It’s quaint, with lush St. Augustine grass that sprawls across three acres. It’s nothing special, except in the past two years, after our family unit dwindled from four to two, it has become mine...
RubyConf2022 is three weeks away, and for some of you planning to attend, this may be your first RubyConf, tech conference or conference in general! If you’re in this boat, you may be feeling a range of emotions. Events like these are often big (we have 400+ people signed up for RubyConf2022 so far!), full of official and unofficial events, and offer an abundance of...
Originally published by Uptycs. On 29 March 2024, the cybersecurity community turned its attention to a newly disclosed vulnerability in XZ Utils, identified as CVE-2024-3094. This backdoor vulnerability has sent ripples across the tech world, primarily due to the widespread use of XZ Utils for lossless data compression in Linux and macOS systems. This blog aims to...
An artist uses an airbrush to recreate the lunar surface on one of the four models comprising the LOLA, or Lunar Orbit and Landing Approach, simulator in this November 12, 1964, photo. Project LOLA was a simulator built at Langley to study problems related to landing on the lunar surface. In “Spaceflight Revolution: NASA Langley Research Center From Sputnik to...
Written by Ken Huang, Co-Chair of Two CSA AI Safety Working Groups, VP of Research of CSA GCR, and CEO of Distributedapps.ai. 1: Introduction AI safety and security are fundamental aspects that play distinct yet interconnected roles in the development and deployment of AI systems. AI security primarily revolves around safeguarding systems to ensure confidentiality...