The boardroom conversations have begun. Your company’s CEO is eager to put generative AI into action. They know it’s vital to improving efficiency and productivity as well as maintaining competitiveness. But, they’ve also heard about the risks. Namely, hallucinations, data leakage and cyber-attacks. So, they turn to you: the company’s CISO. You, yourself, know that […]

Human error triggers Mercedes-Benz sensitive data leak
In a recent security lapse, Mercedes-Benz inadvertently exposed a wealth of internal data when a private key, providing “unrestricted access” to the company’s source code, was found in a public GitHub repository. Details about the Mercedes-Benz data exposure During an internet scan in January 2024, a threat hunter at RedHunt Labs stumbled upon a Mercedes […]

How AI can reduce false positives in data leak prevention
Data loss prevention (DLP) tools have long been a cause of frustration in the security operations center (SOC). Known for generating an overwhelming amount of false positives and being manually intensive to configure, many security teams see DLP as more of a burden than an asset. But it’s not DLP, in itself, that’s the problem. […]

Navigating AI risks: Top data leak threats for enterprises in 2024
Authors: Yasir Ali & Armando Pauker As we start 2024, the enterprise realm is witnessing a transformative wave with the escalating adoption of artificial intelligence (AI). This surge in AI integration, stretching across many industries, brings with it a critical focus area: heightened data security risks and the looming threats of data breaches. As businesses […]

NASA’s DLP program fails to lift off
Houston, we have a problem. NASA may have put men on the moon, but its privacy program is in need of some rocket fuel. That’s according to the aerospace agency’s Office of Inspector General (OIG), who recently reviewed NASA’s privacy program and found its data loss prevention (DLP) approach to be astronomically lacking. In an […]

Over 4 million sensitive school records exposed in cloud data leak
This week, thousands of schools across the US became embroiled in a mass data leak, after the school safety software company—Raptor Technologies—accidentally left troves of sensitive data exposed on the internet. What happened with the Raptor Technologies data breach? On January 11, a cybersecurity researcher unearthed a concerning discovery: an unprotected database housing an estimated […]

Can SASE secure generative AI applications?
According to the analyst firm Forrester, this year is going to be a major one for generative AI (GenAI) data breaches and compliance fines. It’s easy to see why. While the accidental insider threat has long been a leading cause of cybersecurity incidents in the enterprise, the rise of applications like ChatGPT and Bard mean […]

The rewards & risks of generative AI in the software development life cycle
As a savvy developer, you know that generative AI is a must to boost your productivity, speed and efficiency. But, you’re also cautious. You read about the Samsung data breach (where employees unwittingly input confidential source code into ChatGPT and faced disciplinary action as a result), and you don’t quite know how to reap the […]

Need to know: NIST’s upcoming guidance on cybersecurity awareness & training
It’s been 20 years since the National Institute of Standards and Technology (NIST) released its guidance on building enterprise security awareness and training programs. A lot has changed since then. With new attack types, the advent of cloud applications, the work-from-anywhere era, and generative AI, NIST has realized that their previous idea of effective training […]

2023 Polymer holiday giveaway
During the holiday season, we like to share one of our favorite books with friends of Polymer. It’s become a yearly tradition. In 2022, we gifted Michael A. Singer’s The Surrender Experiment: My Journey into Life’s Perfection. It’s an impactful memoir about how Singer decided to embrace the flow of life. This personal shift led […]

MongoDB data breach: Customer data stolen in cyber attack
It’s not a happy holiday for MongoDB after the company was the victim of a cyber attack involving the theft of sensitive customer information. MongoDB offers an open source NoSQL database management program for over 46,000 customers as an alternative to traditional relational databases. Here’s everything we know about the data breach so far, including […]