How CISOs Can Craft Better Narratives for the Board Communicating cyber-risk upward to the C-suite and board takes simplification and a better understanding of the audience.
New Policy Group Wants to Improve Cybersecurity Disclosure, Support Researchers The new Security Legal Research Fund and Hacking Policy Council are aimed at protecting "good faith" security researchers from legal threats and giving them a voice in policy discussions.
OpenSSF Adds Software Supply Chain Tracks to SLSA Framework The Open Source Security Foundation's SLSA v1.0 release is an important milestone in improving software supply chain security and providing organizations with the tools they need to protect their software.
Where There's No Code, There's No SDLC How can we build security back into software development in a low-code/no-code environment?
Shadow IT, SaaS Pose Security Liability for Enterprises Software written or acquired outside of IT's purview is software that IT can't evaluate for security or compliance.
Intel Prioritizes Security in Latest vPro Chips While Intel is building more hardware protections directly into the chips, enterprises still need a strategy for applying security updates on these components.
How Zero Trust Can Protect Systems Against Generative AI Agents Researchers explore a love-hate relationship with AI tools like ChatGPT, which can be used to both attack and defend more efficiently.
Newer Authentication Tech a Priority for 2023 Organizations are planning on newer multifactor authentication methods, such as invisible MFA and passwordless, says SecureAuth in its "State of Authentication" report.
ZeroFox Acquires LookingGlass The combined company will boost ZeroFox's attack surface management capabilities.