Authors: Yasir Ali (Founder, Polymer DLP) & Aaron Bray (Founder, Phylum) Software supply chain is at risk with LLM adoption Developers now have access to powerful generative AI models that assist in writing code, automating mundane tasks, and improving productivity. While this technology holds tremendous promise, it also brings to light a pressing concern—the potential […]
What’s the difference between DSPM & CSPM?
Not too long ago, cloud security posture management (CSPM) seemed like the holy grail of cloud security, promising unparalleled protection in the cloud-first world. However, organizations have come to realize that although CSPM is great at identifying infrastructure vulnerabilities, data breaches are still happening troublingly frequently. As a result, data security posture management (DSPM) has […]
How to overcome the regulatory risks of generative AI
The domain of artificial intelligence (AI), particularly generative AI (GenAI), is brimming with intriguing potential for companies all over the world. conversational AI bots, open-source large language models (LLMs), and specialized models are now ubiquitous in organizations. However, the rapid advancement and widespread adoption of these tools is creating substantial challenges when it comes to […]
Is your DLP solution ready for generative AI?
It seems that new AI tools are popping up by the day, promising to revolutionize productivity, efficiency and accuracy in the workplace. With so much to gain from AI platforms like ChatGPT, it’s no wonder that adoption has skyrocketed. But, in the rush to unleash the benefits of these novel tools, it’s vital not to […]
3 mistakes law firms make with Slack
In today’s fast-paced legal landscape, Slack has emerged as the go-to collaboration app for law firms worldwide. However, legal personnel often make a few all too common mistakes with this app that expose their companies to compliance gaps and hinder their ability to effectively manage sensitive information. Below, we’ll explore these mistakes in detail, offering […]
What is PCI DSS 4.0 and how does it impact banks’ data workflows?
PCI DSS is getting a long-awaited makeover and banking institutions need to take note. Sure, banks should be in a good stead to meet PCI compliance, given that they already have to contend with a range of strict data privacy regulations and auditing requirements, such as the GBLA, SOX and regular audits from the FDIC […]
What are the HIPAA Privacy Rule changes for 2023?
A little while back in December 2020, the Office of Civil Rights (OCR) issued a Notice of Proposed Rulemaking (NPRM), notifying us of upcoming augmentations to the HIPAA Privacy Rule. Three years and a lot of back and forth later, and it looks like those changes are about to be finalized into law. While we […]
Is insurance industry data safe in cloud apps?
In January of this year, the personal data of over 2 million Aflac life insurance and Zurich auto insurance policyholders ended up on the dark web. How? Because hackers used a contractor’s stolen credentials to break into a cloud server used for marketing purposes. The information stolen included policyholder names, ages, genders, insurance data, coverage […]
Mastering GLBA compliance 2.0: How to safeguard customer data
The Gramm-Leach-Bliley Act (GLBA) plays a vital role in safeguarding nonpublic personal information (NPI) within the financial sector. The revised Safeguard Rule going in effect June 9 2023 has laid out a fairly detailed set of recommendations in setting up an information security program and also to protect customer data. Conforming to GLBA cannot be […]
What you need to know about the US National Cybersecurity Strategy
On March 2, 2023, the Biden administration announced the release of a new National Cybersecurity Strategy, outlining the government’s approach to strengthen cybersecurity governance, improve online safety for citizens and build a fortified digital ecosystem resilient to attacks. Whether your organization resides in the public or private sector, the National Cybersecurity Strategy will have implications […]
How to protect patient data against insider threats?
It’s no secret that the healthcare sector is a prime target for cyber-attacks. Research shows healthcare organizations in the US experienced 1,426 attacks per week in 2022 – up 60% from the year before. But while healthcare companies spend their limited resources and time shielding patient health information (PHI) from external threats, they forget that […]