Security News

The upcoming physical return to the office is also set to bring the influx of IoT devices that may be installed on networks as part of new COVID-19 workplace compliance policies. Some of these devices may collect large quantities of personal data that needs to be protected and is subject to the GDPR. GDPR Privacy by Design.

CoreStack announced the availability of its CoreStack AI-powered, multi-cloud compliance and governance solution in the Microsoft Azure Marketplace, an online store providing applications and services for use on Azure. CoreStack customers can now take advantage of the productive and trusted Azure cloud platform, with streamlined deployment and management.

While the CMMC doesn't completely replace the National Institute of Standards and Technology SP 800-171, it does include and build on these standards for a clear purpose. Enter the CMMC. With this new regulation, the DoD establishes five levels of cybersecurity preparedness, ranging from level one to level five.

Cloud security is more topical than ever when considering all the fun things that have happened in 2021 with security startups! Before talking about innovation and startups though, let's talk about a brief history of cloud security especially public cloud.

CrossComply is one of four solutions available within AuditBoard's integrated GRC platform, which streamlines and simplifies audit, risk, and compliance programs for large organizations. Gartner recently cited IT Governance as a top risk in 2021, and a March 2021 AuditBoard market survey found that 47% of teams are still managing IT and information security compliance with manual processes and spreadsheets, leaving themselves vulnerable to errors, gaps, and risks.

The ioXt Alliance announced that it is expanding its ioXt Compliance Program with a new mobile application profile with added requirements for VPN applications. Defined collaboratively by technology companies such as Google and Amazon, in partnership with security labs, NowSecure, NCC Group, DEKRA, Onward Security and 7layers, and aligned with the initiatives set forth by VPN Trust Initiative, these new security standards for the mobile app and VPN markets will bring transparency and visibility to consumer and enterprise buyers, to advance security in the IoT industry as a whole.

OneTrust announced it has completed the acquisition of ethics and compliance leader Convercent. The Convercent technology, 150 employees, 750 customers, and global CONVERGE community will become core to the ethics and compliance offering.

Styra announced new compliance packs for its Declarative Authorization Service, which include MITRE ATT&CK Matrix for enterprise covering cloud-based techniques, and CIS Kubernetes Benchmarks, to ease collaboration between security and DevOps teams. These two new turnkey compliance packs consist of best practices from the OPA community, and are the latest additions to the Styra compliance pack library, which includes PCI DSS 3.2, Admission Control Best Practices and Kubernetes Pod Security Policies.

The report highlights trends in open source usage within commercial applications and provides insights to help commercial and open source developers better understand the interconnected software ecosystem they are part of. It also details the pervasive risks posed by unmanaged open source, including security vulnerabilities, outdated or abandoned components, and license compliance issues.

New research from FICO highlights the key challenges North American fraud and financial crime teams faced amidst the COVID-19 pandemic. 68 percent of senior executives said that remote working had a major impact on maintaining effective fraud and financial crime prevention functions within their organizations, during the past 12 months.