Governance, Risk & Compliance

The Good, the Bad, and the Politics of Biden’s Cybersecurity Order

Jeffrey Burt | January 17, 2025 | AI Security, Biden National Cybersecurity Strategy, Donald Trump, foreign threat actors, secure software supply chain

President Biden in the last few days of his administration issued an expansive cybersecurity EO that touched on issues like software supply chain, AI, and foreign adversaries. Many approved of the effort, ...

Security Boulevard

Outgoing U.S. President, Joseph Robinette Biden Jr.

This is HUGE: Biden’s Cybersecurity Exec. Order — Big Parting Gift to Trump

Wow. Just Wow: Joseph Robinette Biden Jr. hits the emergency “do something” button ...

Security Boulevard

Advanced Persistent Threat (APT): Examples and Prevention

Legit Security | January 17, 2025 | AppSec, Compliance, Explainers, Legit, threats

Advanced persistent threats (APTs) use sophisticated tools and techniques to breach systems and maintain access—all while remaining undetected. Unlike other cyberattacks, APTs work over an extended period, using more resources to achieve ...

Legit Security Blog

Cybersecurity Insights with Contrast CISO David Lindner | 01/17/25

David Lindner, Director, Application Security | January 17, 2025 | Application Detection and Response (ADR), CFO, CISO, CISO Insights, Cybersecurity ROI, Data breach, encryption, healthcare cybersecurity, HIPAA, HIPAA Amendments, MFA, Multifactor Authentication, Threat Intelligence

Insight No. 1: HIPAA amendments: More bureaucratic BS? Most media reports are hyping proposed HIPAA amendments, claiming they'll magically close security gaps. Yeah, right. Like forcing already overwhelmed healthcare providers to jump ...

AppSec Observer

White House Executive Order: Strengthening and Promoting Innovation in the Nation’s Cybersecurity

Joe Nicastro | January 16, 2025 | AppSec, CISO, Compliance, Legit

Get details on this new cybersecurity Executive Order and its implications. ...

Legit Security Blog

The DORA Deadline Is Here: But There’s Still Time to Comply

Thomas Stoesser | January 16, 2025 | Compliance, Financial Services

It’s almost time. After several years in the making, the long-awaited compliance deadline for the EU Digital Operational Resilience Act (DORA) is finally here. After Friday, January 17, non-compliant organizations serving customers ...

comforte Blog

Securing generative AI: 5 action items to protect your organization

John P. Mello Jr. | January 16, 2025 | security operations

Generative AI applications can be a rich source of opportunity for increased productivity and innovation for organizations. At the same time, they are fast becoming a headache for security teams. In a ...

Blog (Main)

Allstate Violates Drivers’ Privacy, Texas AG Alleges

Don’t Mess With Texas Privacy: “We will hold all these companies accountable,” rants state attorney general Ken Paxton (pictured) ...

Security Boulevard

critical, infrastructure, threats, cybersecurity energy infrastructure CISA NSA

Critical Infrastructure Seeing Benefits of Government Program, CISA Says

Jeffrey Burt | January 14, 2025 | cisa, critical infrastructure assets, Cybersecurity, Salt Typhoon cyberattack, Volt Typhoon

CISA in two years has seen the number of critical infrastructure organizations signing up for its CPG services double, which has improved the overall security in most sectors, but more needs to ...

Security Boulevard

healthcare, breach, organizations, healthcare, cybersecurity healthcare UnitedHealth CISO

HHS Proposes Major Overhaul of HIPAA Security Rule in the Wake of Change Healthcare Breach

George V. Hulme | January 13, 2025 | Cybersecurity, healthcare

The new rules come in the wake of the Change Healthcare breach, which exposed the electronic personal health information of about 100 million Americans ...

Security Boulevard