Probably most people have not heard of either company. Orange is like the Verizon of Europe, the largest telecom company there and Thales is very large multinational security products company that sells in both the commercial and military space. The number of cyber attacks against Internet of Things devices is skyrocketing Orange’s research team says […]
Continue reading → [DISPLAY_ACURAX_ICONS]China’s policymaking body, the Central Comprehensively Deepening Reforms Commission (I did not make up this name) approved a plan yesterday for developing home grown science and technology with an eye toward self-sufficiency. According to a press release by the state run news agency, Xi said that while China has made substantial progress in trying to […]
Continue reading → [DISPLAY_ACURAX_ICONS]As part of the Executive Order on Improving the Nation’s Cybersecurity (EO 14028), NIST is required to do several things. among those are guides and standards for improving supply chain security and they have already released a number of draft documents related to their tasks. IF you sell to the executive branch, these will become […]
Continue reading → [DISPLAY_ACURAX_ICONS]Hackers are targeting the cloud. Why? To paraphrase Willie Sutton, because that is where the data is. Historically, penetration testers gain access to network devices through the “perimeter defense” and then they move around (the so-called east-west movement) trying to get access to data, wherever it lives inside the network perimeter. But in the cloud, […]
Continue reading → [DISPLAY_ACURAX_ICONS]Vendor risk must be a core part of every company’s cybersecurity program, but it is hard. Especially when the company is a tech company, developing software that you use. The term Minimum Viable Product or MVP is a term marketing folks have used for years to describe creating a version 1 product that has the […]
Continue reading → [DISPLAY_ACURAX_ICONS]This is probably not a surprise to anyone who is past elementary school – and probably not to many who are still in elementary school, but the group that was behind last year’s SolarWinds attack is still at it. Just like with SolarWinds, they are going after the global supply chain. 140 managed service providers […]
Continue reading → [DISPLAY_ACURAX_ICONS]