supply chain
Compliance Does Not Equal Cybersecurity
HIPAA, GDPR, PCI, CIS, NIST. Does any of those acronyms sound familiar? Chances are, you’ve heard of several and have a general understanding of what they’re all about. For those that don't, ...
Data Philosophy and Technology Combine for Better Endpoint Security
Russel Ackoff was the one of first to define a hierarchy from data to wisdom (1). In Ackoff’s words: "Data are symbols that represent the properties of objects and events. Information ...
Russian Software Company Pretending to Be American
Computer code developed by a company called Pushwoosh is in about 8,000 Apple and Google smartphone apps. The company pretends to be American when it is actually Russian. According to company documents ...
Chinese Tech: Banned in DC, but not in the States
There’s a massive loophole in the federal ban on Chinese technology from sus firms such as Huawei and ZTE: It doesn’t stop states from buying it ...
APIs and the Software Supply Chain: What you need to know
The software supply chain is a concept that refers to the processes and technologies used to manage software products over their lifespan. It's a network of entities involved in the development, distribution, ...
Third-Party Risk in the Cloud
The term third-party risk applies to all risks introduced by external parties into an ecosystem, supply chain or infrastructure. Common third parties include vendors, partners, suppliers, service providers or contractors with access ...
Refurbished Security Devices: Mistaken Identity or Deception?
Buying refurbished devices is not uncommon. Online marketplaces, such as eBay, offer a platform for customers to purchase second-hand gadgets at a lower price than the original, but at a higher quality ...
CISO Interview Series: The thinking of a CISO at the front end of the cyber threat landscape.
What are the most important areas for a CISO to focus on? When speaking to Aman Sood, it becomes clear that the job of a CISO encompasses every aspect of a business. ...
NIST CSF 2.0 Workshop Themes: Praetorian’s View
On 17 August 2022, NIST conducted the first Workshop to organize the effort to update the NIST Cybersecurity Framework (CSF) to version 2.0. Praetorian originally submitted comments to the CSF 2.0 RFI ...
The Analyst Prompt #15: Network Environment-Focused Conversations Needed in Approaches to Cyber Security
Exploit Tools and Targets: Enhance Third-Party Risk Management to Mitigate Multi-Targeted Approach Third-party attacks, or supply chain attacks, occur when a trusted software, vendor, or other external company property or personnel is ...
