Security News

HITRUST announced a major feature enhancement to its information risk management platform, HITRUST MyCSF, that significantly streamlines how organizations capture and present regulatory compliance evidence. Both the new Compliance and Reporting Pack feature for HITRUST MyCSF and the new Regulatory Assistance Center initially focus on the Health Insurance Portability and Accountability Act, expanding into other regulations in the future.

Datadog announced a new integration for Datadog Compliance Monitoring with the Amazon Web Services Well-Architected Tool. The AWS Well-Architected Tool enables customers to review the state of their workloads and compare them to the latest AWS architecture best practices.

PCI Pal announced a new collaboration with Oracle to offer its contact center customers additional security and compliance options for Cardholder Not Present payments. Bringing together Oracle's market-leading Enterprise Session Border Controller with PCI Pal's proven PCI compliance solutions, Oracle customers can ensure that their voice interactions and sensitive cardholder data are secure.

Saviynt announced the general availability of their latest platform release, named Saviynt 2020. Designed to support the modern enterprise IT landscape, Saviynt 2020 is already helping 1.6M users at major global organizations manage risk, scale cloud initiatives, and maintain regulatory compliance.

Tanium announced it is working with IBM to create a security and compliance monitoring solution for hybrid cloud, creating an easy path to verify and validate compliance for highly regulated industries such as healthcare, financial services and government. Because most public cloud environments are still hardening their compliance and security instrumentation, regulated industries find they spend too much time, effort and money to obtain complete and consolidated audit evidence for cloud workloads.

Most Fortune 1000 compliance and security teams have the ability to access employee accounts on their enterprise communications platform to monitor activity and investigate bad actors. Unfortunately for enterprise security and compliance teams in most companies, unsanctioned communications platforms like WhatsApp are being used outside to conduct sensitive business in contravention of corporate policies.

Git LFS vulnerability allows attackers to compromise targets' Windows systemsA critical vulnerability in Git Large File Storage, an open source Git extension for versioning large files, allows attackers to achieve remote code execution if the Windows-using victim is tricked into cloning the attacker's malicious repository using a vulnerable Git version control tool, security researcher Dawid Golunski has discovered. November 2020 Patch Tuesday forecast: Significant OS changes aheadNovember Patch Tuesday and the end-of-year holidays are rapidly approaching.

A recent survey revealed that, on average, organizations must comply with 13 different IT security and/or privacy regulations and spend $3.5 million annually on compliance activities, with compliance audits consuming 58 working days each quarter. To select a suitable compliance solution for your business, you need to think about a variety of factors.

SafeGuard Cyber announced the results of a survey of 600 senior enterprise IT and security professionals, conducted to understand how businesses rate their own security and compliance risks in the new digital reality of the workplace brought by the COVID-19 pandemic. "Everyone in business understands the pandemic has had a seismic impact, but we were still surprised to learn how vulnerable organizations feel about the digital technologies they've adopted," said Jim Zuffoletti, CEO, SafeGuard Cyber.

Orca Security announced the second generation of its cloud security platform, featuring unique capabilities built specifically to respond to the public cloud security and compliance needs of global financial services customers. "The rapid digitization of services coupled with increased cloud adoption opens financial organizations to incredible risk. With Orca Security, they gain the full cloud coverage and insights they need without agents to maximize compliance and security confidence to meet the tsunami of regulations on the horizon."