The Securities and Exchange Commission is raising the bar for enterprise cybersecurity with new disclosure and management rules for public companies that will take effect next week.  This is fantastic for the Cybersecurity community, as it will push companies that are publicly traded to do more to secure their assets, and in this author’s humble […]

The year 2023 saw heightened cybersecurity activity, with both security professionals and adversaries engaged in a constant cat-and-mouse game. The dynamic landscape of cyber threats and the ever-expanding digital attack surface have compelled organizations to refine and fortify their security architectures. Despite the collective hope for a reprieve from the onslaught of daily phishing, ransomware, […]

Enterprise risk management (ERM) teams are struggling to effectively mitigate third-party risk in an increasingly interconnected business environment, according to Gartner, Inc. In a Gartner survey of 100 executive risk committee members in September 2022, 84% of respondents said that third-party risk “misses” resulted in operations disruptions (see Figure 1). Gartner defines a third-party risk […]

“Operation Triangulation” stole mic recordings, photos, geolocation, and more. Moscow-based security firm Kaspersky has been hit by an advanced cyberattack that used clickless exploits to infect the iPhones of several dozen employees with malware that collects microphone recordings, photos, geolocation, and other data, company officials said. Repost from ArsTechnica

SiFive hopes to strengthen the RISC-V community with the contribution of its WorldGuard model. The emergence of RISC-V has been a revolutionary and powerful movement in the computing industry. Open-sourced and license-free, RISC-V has removed barriers to entry for chip designers and enabled thousands to design more easily than otherwise possible. There’s no doubt that […]