Articles about Q&A

Increased use of open source and third-party code leaves organizations open to more attacks on the software supply chain.

Open source vulnerabilities have become a prime target for attackers and organizations need to strengthen their defenses. We spoke to Richard Clark, senior solutions architect at JFrog, to discuss the importance of proactive measures in protecting against these threats.

Continue reading →

More and more businesses are turning to generative AI in the hope of gaining greater value from their data. But there are issues around governance, access to data and lack of appropriate skills that mean projects can either stall or not deliver as expected.

We spoke to Srujan Akula, CEO of The Modern Data Company, about why he believes that giving 'power to the people' and democratizing AI by putting it in the hands of non-technical users can deliver real business value.

Continue reading →

The cybersecurity landscape is constantly evolving and organizations need to stay up to date if they're to adequately protect themselves.

At the end of last year, O'Reilly released its 2024 State of Security survey, which analyzes the threats that concern frontline practitioners most, the projects they're implementing to safeguard systems and infrastructure, the skills companies are hiring for, and more.

Continue reading →

There are many factors to consider when deploying AI into an organization, not least of which is maintaining transparency and trust in the process.

We spoke to Iccha Sethi, VP of engineering at Vanta, to learn more about why transparency is so important and how governments and enterprises are responding to this challenge.

Continue reading →

Developers historically have not been all that security savvy, but as software supply chain security becomes a larger and larger problem every day, enterprises are going to need to secure packages before they are put into production environments.

We spoke to Phylum CEO, Aaron Bray, to learn more about 'secure by design' and how it can make sure developers are being taught security as part of their development and training process and are also being provided with the necessary resources to code securely from the beginning.

Continue reading →

As cloud environments become complex, security teams face increasing challenges in detecting, prioritizing, and addressing risks.

While cloud security posture management (CSPM) tools were created to provide visibility into cloud configurations and cloud workload protection platforms (CWPP) to manage threats to cloud workloads, they created gaps in providing holistic context that enables efficient risk management and didn't extend across the full software development life cycle (SDLC).

Continue reading →

It's an increasingly rare system these days that doesn't claim to have incorporated artificial intelligence in some form or another.

But when implementing AI it's important to look beyond the hype and ensure that it can deliver real value for the business. We spoke to Ajay Kumar, CEO of SLK Software, about the need for a holistic approach to allow enterprises to leverage AI for solving complex business challenges.

Continue reading →

Non-human identities (NHIs) outnumber human identities by between 10 and 50 times, but the industry lacks solutions to properly address this hole in the security perimeter.

Traditional IAM solutions and best practices aren't sufficient when it comes to managing NHIs, as evidenced by some recent breaches that have stemmed from exploitation of NHIs.

Continue reading →

As AI reshapes business operations, companies are facing new challenges around cost uncertainty, security, and data integrity. The rise of hybrid cloud strategies -- combining private clouds with public infrastructure -- is becoming a key approach to addressing these concerns.

While enterprises focus on cost control, safeguarding sensitive corporate data, and preventing AI-driven data leakage, they are also trying to leverage LLMs to exploit data in the public cloud while retaining sensitive data in private clouds that they control.

Continue reading →

Over the past decade, cloud computing has emerged as a transformative force, promising unprecedented efficiency and scalability.

However, despite the rush for businesses to adopt this technology, many cloud projects still fail to meet their stated objectives

Continue reading →

Small and medium-sized businesses (SMBs) are facing an escalating onslaught of cyberattacks as they evolve in both sophistication and speed. Among the most insidious threats are ransomware variants like QakBot and Black Basta, which operate in the shadows, often slipping past the radar of law enforcement and the media.

The consequences of these attacks can be devastating, leaving SMBs exposed and unprepared, with the potential to disrupt operations, damage reputations, and incur significant financial losses.

Continue reading →

Lots of organizations are rushing to embrace AI and hoping to deliver business value. But AI is only as good as the data that underpins it.

We spoke to Julian LaNeve, chief technology officer of Astronomer, to discuss why it's important to fix the foundations before implementing AI solutions.

Continue reading →

Large language models (LLMs) have undergone rapid evolution in recent years, but can often be viewed as something of a 'black-box' as a lack of transparency makes it difficult to identify how decisions are made, trace errors, or understand biases within the model.

We spoke to Pramod Beligere, vice president -- generative AI practice head at Hexaware, to discuss this along with the tools that are being developed, such as explainable AI and interpretable models, to make AI systems more understandable, trustworthy and accountable.

Continue reading →

The world is a pretty unstable place at the moment, which can lead to problems when it comes to making decisions on whether to invest in new technologies -- particularly in the context of a rapidly changing landscape for supply chains.

We spoke to Jonathan Barrett, CEO of Kallikor, to discuss how a new generation of AI-powered digital twin technology can help businesses to anticipate changes brought about by events outside their control, and adopt efficiency-driving technologies, such as robotics and automation, with confidence.

Continue reading →

SIEM (security information and event management) is currently one of the cybersecurity field’s most active markets. It holds the promise of making sense of the disparate data sources across enterprise environments to detect and respond to malicious activity.

Over the past year, we’ve witnessed a wave of innovation, mergers and acquisitions and consolidation in this area, largely driven by AI advancements and the push toward the AI-native security operations center (SOC). But there's also a 'data paradox' involved in balancing cost with importing and storing as much data as possible.

Continue reading →