Securing privileged access through access management is vital because it ensures that an organisation’s people are only granted access to what they need to do their jobs, and only for the period for which they need it. Access management also allows…
“Talent shortage”, “skills gap”, “employee burnout in cybersecurity”, “high turnover rate” – as a cybersecurity professional, you must be familiar with these expressions, for better or for worse. You may have seen the big headlines pointing out talent shortage issues…
The PIPL (Personal Information Protection Law) has emerged as an unprecedented first example of highly protective regulation of personal data, establishing an uncertain framework that reinforces China's control. Despite recent clarifications from China’s authorities, the centralisation of information systems continues…
China may soon ease PIPL cross-border data transfer requirements, but your privacy compliance strategy should focus on the long term. Your company operates in China. You compile personal data relating to your Chinese employees and transfer them to your headquarters…
The industrial control system (ICS) is the set of resources and machines used to supervise and control an industrial process. This article looks at the security issues surrounding Windows devices of the ICS supervision and maintenance layer: SCADA servers and…
Confidential and strategic, the due diligence phase that precedes an acquisition regularly takes place behind closed doors. This phase aims to analyse the target company for an acquisition, in order to determine its level of maturity and compliance on various…
The dawn of generative Artificial Intelligence (GenAI) in the corporate sphere signals a turning point in the digital narrative. It is exemplified by pioneering tools like OpenAI’s ChatGPT (which found its way into Bing as “Bing Chat, leveraging the GPT-4…
Integrating security directly into the configuration of CI/CD pipelines, especially through the practice of DevSecOps, enables the development of secure applications while increasing delivery frequency. This relieves pressure on security teams, which can often be a limiting factor in the…
On a daily basis, stakeholders within construction handle a variety of data that may be of interest to malicious parties. They are subjected to the same types of malware attacks as players in other industries (e.g. theft, espionage, phishing, etc.).…
Back in 2021, a video of Tom Cruise making a coin disappear went viral. It was one of the first deepfake videos, videos that both amused and frightened Internet users. Over the years, artificial intelligence in all its forms has…