Our Blog
Automated Pentest Platforms vs. Vulnerability Scanning
In cybersecurity, staying ahead of threats means using the right tools for the job. Automated penetration testing platforms and vulnerability scanning are two popular approaches to identifying risks, but they serve different purposes. While...
Automated Pentesting and Compliance: Why Human Expertise Still Wins
By Jake Clise, James Baucom, and Anthony Bolan
In today’s fast-paced digital landscape, organizations juggle the demands of staying secure against evolving cyber threats while meeting stringent compliance standards like PCI DSS, HIPAA, ISO 27001,...
AI Compliance Standards: Navigating the New Rules of Responsible AI
As artificial intelligence continues its rapid integration into everything from healthcare and finance to hiring and law enforcement, a critical question has emerged: who ensures AI plays by the rules? Organizations are under growing pressure to...
Penetration Testing Bakeoff: Human Expertise vs. Machine Efficiency
Tangible Security, a leading cybersecurity firm, conducted a controlled bakeoff test to evaluate the results of external and internal penetration testing between two widely used automated penetration testing platforms and a manual penetration test...
New HIPAA Regulations Impact on Organizations — Checklist
In our last blog post, we discussed important cybersecurity rule updates to HIPAA. To help you get started, we’ve put together a checklist of changes the proposed rule imposes on organizations handling Electronic Protected Health Information...
The HIPAA Cybersecurity Rule Updates: What You Need to Know
The Department of Health and Human Services recently issued a significant proposed change to the Health Insurance Portability and Accountability Act (HIPAA) to enhance the cybersecurity of protected health information (PHI). The general policy...
AI Security and You: Deepfakes
While machine learning is rapidly advancing human knowledge in fields such as biology, astronomy, and materials science, AI tools are just that – tools – and like any tool, they can be used for good or for ill. Deepfakes, meaning AI-generated...
Securing Your AWS Environment: Understanding the Shared Responsibility Model
Amazon Web Services (AWS) is a powerful and flexible cloud computing platform, but like most cloud environments, the security settings out-of-the-box are usually not enough for a production environment. Organizations deploying AWS must take an...
What You Need to Know About Cybersecurity Maturity Model Certification (CMMC)
Defense Industrial Base (DIB) organizations, meaning those working with the Department of Defense (DoD) on US federal contracts, have long been subject to significant regulatory requirements for protecting sensitive information. However, a weakness...
How to Protect Yourself from Common AI Scams
Generative AI is making a lot of common tasks easier, but it’s also making common scams easier by giving criminals the tools to create convincing fake messages, images, and even videos. Fortunately, there are some simple steps you can take to...
Reducing Risk Through Continuous Compliance
The compliance burden on organizations is growing. The average cost of a security breach hit $4.88 million in 2024. Governments worldwide continue to draft new measures to protect the privacy of user data and wrangle the beast that is artificial...
AI Vishing: What It Is and How to Protect Yourself
As I discussed in an earlier blog post, AI technologies show promise for improving productivity, but they can also be utilized by bad actors. A frequently-cited example is the story of a couple who were scammed by a criminal using voice-cloning...
Cost-Conscious Strategies for Securing Your Small Business
There is a common misconception that cyber criminals only go after large organizations, but smaller companies have become attractive targets. According to the US Cybersecurity and Infrastructure Security Agency (CISA), small businesses are three...
Manual versus Automated Penetration Testing
In the ever-evolving landscape of cybersecurity, security-minded organizations look for the most effective methods to protect their systems and data from cyberthreats. Penetration testing, meaning an authorized, simulated penetration of a computer...
What CSPs Need to Know Before Starting a FedRAMP Authorization
The transition of US government agencies to the cloud is an exciting opportunity for Cloud Service Providers (CSPs). Yet before CSPs can take advantage of that opportunity, they must be authorized via the Federal Risk and Authorization Management...
Beyond the Defaults: Securing Your Microsoft 365 Environment
The Microsoft 365 suite of tools provides productivity benefits to many organizations. However, the default settings of Microsoft 365 when implemented out of the box may not be secure enough for your organization. This can leave your organization...
Four common AI myths and the security risks of believing them
AI tools are being deployed by IT departments around the world, and many organizations are reaping immediate benefits. However, there are many myths and misconceptions surrounding AI, and believing them can lead to security risks. Here are four...
Introduction to AI and Potential Security Concerns
The rapid rise of powerful, breakthrough AI technologies like ChatGPT has generated a lot of excitement in the IT world, but also concerns about threats to security and privacy. Some tech leaders have even publicly voiced concern that AI poses a...
What you need to know about AI Compliance
AI technologies are being deployed by organizations at one of the fastest rates we’ve ever seen, and in response, regulatory and standards bodies are working to implement new compliance obligations that...
How to Protect Your Business from Ransomware
Ransomware can severely impact your business if you are not prepared. In recent months, a ransomware attack forced a group of 30 hospitals to divert patients from emergency rooms to other hospitals, while another forced a large financial...

