governance Archives

GRC, strategies, best practices, risk management,

4 Tips for Optimizing Your GRC Strategy

Alev Viggio | August 31, 2024 | Compliance, governance, risk

Why GRC strategies are often not as effective as they could be, and specific practices businesses can adopt to improve GRC operations ...

Security Boulevard

Toil Not: Automate DevOps Governance

Deb Radcliff | August 2, 2024 | attestation, CrowdStrike, DEVOPS, DevSecOps, governance, safety, SAST, SBOM, security, SolarWinds, TalkSecure Blog

By Deb Radcliff, DevSecOps analyst and editor of CodeSecure’s TalkSecure educational content (syndicated at Security Boulevard & YouTube) In this show, Deb interviews two innovative technologists driving the DevOps Automated Governance movement ...

CodeSecure

Securing Artifacts: Keyless Signing with Sigstore and CI/MON

Alex Ilgayev | August 1, 2024 | Blog, code tampering, governance, Hardening SDLC, research, software supply chain security

Artifact integrity is crucial in maintaining software security and trustworthiness. High-profile breaches like SolarWinds, CodeCov, 3CX, and JumpCloud have shown how altering artifact contents can lead to significant security vulnerabilities, enabling attackers ...

Cycode

GenAI, artificial intelligence, cyber risks, threats, cybersecurity

Risks of GenAI Rising as Employees Remain Divided About its Use in the Workplace

Sonya Duffin | May 16, 2024 | ai ethics, Artificial Intelligence, Data Privacy, data resilience, GenAI, governance, training

One in three office workers who use GenAI admit to sharing customer info, employee details and financial data with the platforms. Are you worried yet? ...

Security Boulevard

Critical Start Launches Cyber Risk Register

Nathan Eddy | May 6, 2024 | Compliance, critical risk, Cyber risk register, governance, recordkeeping, risk management, tracking system, workflow

The centralized system helps organizations identify, track, and reduce risks, addressing the challenges of incomplete risk visibility and manual processes ...

Security Boulevard

An Introduction to FinOps Governance: How to Get Started

Joe Pelletier | April 30, 2024 | governance

FinOps, a portmanteau of Finance and DevOps, is a strategic framework created to help companies understand and manage their cloud costs, enabling greater efficiency in cloud service usage. Created by the FinOps ...

Fairwinds | Blog

IBM quantum generative AI security, management, organizations, GDPR, Strike Force privacy, vendors, RFPs, cloud, data security DLP Iran DUMPS Conti Hackers Sandbox government HackerOne IBM data security

Cybersecurity a Top Priority for Audit Committees

Nathan Eddy | March 26, 2024 | Audit, Compliance, Cybersecurity, Deloitte, governance, risk

Audit committees consider cybersecurity their primary oversight focus as the SEC enforces tougher cyberattack disclosure regulations ...

Security Boulevard

digital identity, organizations, IGA driver's license identity verification

Identity Governance Has a Permission Problem

Deepak Taneja | February 15, 2024 | access, governance, iam, identity, Machine Identity, Permissions

Identity's role as the new security perimeter in the cloud is driving a new set of governance requirements and making permissions tricky ...

Security Boulevard

Cloudflare Akamai software, engineering, OWASP, organizations, appsec, AppSec Salt Security API security rise GitOps Finite State API APIs tokenization

Salt Security Adds Governance Engine to API Security Platform

Michael Vizard | January 17, 2024 | api, API security, Application Security, Compliance, governance, risk, Salt Security

Salt Security added a posture governance engine to its API security platform that defines and enforces implementation standards ...

Security Boulevard

DEF CON 31 – Secretary of US Homeland Security Alejandro Mayorkas

Marc Handelman | December 19, 2023 | Cybersecurity, DEF Con 31, DEFCONConference, governance, Information Security, national security, Security Conferences, USCG, USDHS

Many thanks to DEF CON 31 for publishing their terrific DefCon Conference 31 presenters content. Originating from the conference events at Caesars Forum, Flamingo, Harrah’s and Linq in Las Vegas, Nevada; via ...

Infosecurity.US