Nik Hewitt

TrueFort

The FTC Safeguards Rule requires financial institutions to guarantee protection of sensitive customer data  The FTC Safeguards Rule mandates that “financial institutions” should create comprehensive information security frameworks that ensure the protection of client data, specifically any “non-public personal information” (NPI), a subset of PII. This encompasses any private or personal ... Read More

The need for improved utility cybersecurity has never been more  critical   The utility industry, encompassing everything from water treatment facilities to nuclear power stations, represents the backbone of modern civilization. As the arteries of our contemporary world, these critical infrastructures deliver essential services that societies can’t function without. However, ... Read More

What are the common myths behind microsegmentation, and is it actually as hard to achieve as some people say?  The history of network segmentation is a complicated one with a plethora of semi-truths and anecdotal tales about the industry, practices, and methods used to defend against attackers. Facts are important, ... Read More

As OT networks integrate with IT environments, how can we bridge the gap to promote robust security?  The (sometimes intricate) lines between Operational Technology (OT) networks and Information Technology (IT) environments are blurring. Previously, OT networks, responsible for managing manufacturing, processing, distribution, and inventory management, functioned in isolation. Today, they ... Read More

More than just breach mitigation – File integrity monitoring (FIM) is trust and compliance  Every day, we see an ever-escalating array of cyber threats. As organizations race to safeguard their digital assets, the spotlight isn’t just on preventing breaches but also on ensuring regulatory compliance and earning stakeholders’ trust. In ... Read More

The challenges, responsibilities, and the modern cybersecurity battlefield for CISOs in 2024  I speak to many cybersecurity professionals, and if there’s one ongoing and pervasive concern they all highlight about the nature of their role, it’s change and “the unknown.” Only this week, the conflict in Lebanon has seen unpredictable ... Read More

How can an organization meet and exceed the ASD Essential Eight cybersecurity framework standards? Cyber threats have become more sophisticated, frequent, and damaging, ensuring the cybersecurity of an organization’s digital assets is no longer a luxury—it’s a necessity. As the digital landscape evolves, so does the need for frameworks and ... Read More

Everyone’s heard of zero trust architecture, but why has it become best practice for enterprises around the globe? There’s no shortage of cybersecurity buzzwords. Among them, “zero trust” stands out not just as a trendy term, but as a transformative approach to network security. But what does it truly entail, ... Read More

Fundamental obligations of the Asia-Pacific Personal Data Protection Act (PDPA) for cybersecurity teams In the information age, the significance of data cannot be overstated, and cybersecurity legislation and standards govern its usage around the globe. Data fuels innovations, steers decisions, and, more critically, builds trust between organizations and individuals. This ... Read More

Supply chain attacks and value-chain attacks, while not entirely new, have gained significant attention in recent years  With a surge in high-profile incidents like the SolarWinds Orion breach, a deeper understanding of the origin, mechanisms, and prevention of these threats has become imperative. But where do these attacks come from, ... Read More