Cyber threats can evolve overnight, and businesses must adapt or face the consequences. XPEN.PRO uncovers the latest information security trends reshaping the digital world, offering critical insights that could mean the difference between safety and catastrophe. As cyber threats become more sophisticated, understanding the latest developments in information security is crucial for any business that wants to safeguard its digital assets.

“With the rapid pace of technological advancement, staying updated on security trends is not just a recommendation—it’s a necessity,” said a representative from XPEN.PRO. “Our mission is to empower businesses with the knowledge and tools they need to secure their operations against potential threats.”

As more and more companies move their operations online, XPEN.PRO asserts that cloud security is more important than ever. It claims that while the cloud offers scalability and flexibility, it also has unique risks. Strong security measures are crucial for any company that wants to protect its digital assets.

At the core of XPEN.PRO’s approach is the recognition that data breaches and unauthorized access are among the most significant threats facing companies today. These breaches can occur due to various factors, including misconfigurations, inadequate access controls, and vulnerabilities in APIs. With cyber threats becoming more sophisticated, XPEN.PRO emphasizes adopting multi-layered security protocols that go beyond traditional measures.

One of the standout strategies offered by XPEN.PRO includes advanced encryption techniques that secure data at rest and in transit. Encryption acts as a fortress around your sensitive information, ensuring that even if data is intercepted, it remains inaccessible without the proper decryption keys. XPEN.PRO uses the latest encryption standards to provide an impenetrable defense for your cloud-based data.

Additionally, XPEN.PRO advocates for multi-factor authentication (MFA) as a cornerstone of cloud security. By requiring more than just a password for access, MFA significantly reduces the risk of unauthorized entry, even if login credentials are compromised. This extra layer of security is particularly crucial in a cloud environment where multiple access points exist.

But XPEN.PRO doesn’t stop there. It also stresses the importance of continuous monitoring and regular security audits. The dynamic nature of cloud environments means that security must be proactive, not reactive. XPEN.PRO’s solutions include real-time monitoring tools that identify and address potential threats before they can cause harm. Regular audits ensure that your security posture evolves in step with emerging threats, keeping your defenses robust and up-to-date.

Finally, XPEN.PRO’s comprehensive cloud security solutions are designed to adapt to each business’s unique needs. Whether they are dealing with sensitive customer data or critical internal communications, its tailored strategies ensure the cloud environments of their clients remain secure, compliant, and resilient against the latest cyber threats.

This innovative tech security company’s drive to stay ahead of the curve is evident in its commitment to continuous research and development. The company consistently updates its offerings to address security challenges, providing businesses with the most advanced tools and insights. These digital protection professionals combine cutting-edge technology with industry knowledge, making them a trustworthy partner for enterprises wishing to improve information security.

For more information and to stay ahead of the latest cybersecurity trends, explore the expert solutions at https://XPEN.PRO.

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post XPEN.PRO Highlights Emerging Information Security Trends for Businesses first appeared on AI-Tech Park.

HITRUST, the leader in enterprise risk management, information security, and compliance assurances, today announced the launch of its AI Risk Management (AI RM) Assessment, the industry’s first comprehensive assessment approach for Artificial Intelligence (AI) risk management processes in an organization. The HITRUST AI Risk Management Assessment ensures that governance associated with implementing AI solutions is in place and can be effectively communicated by companies to management teams, boards of directors and others. 

The HITRUST approach is based on AI risk management expectations and outcomes through a clearly understandable approach to guide AI adopters and their leaders in their risk management efforts that also aligns with standards issued by both NIST and ISO/IEC. The HITRUST AI RM Assessment is fully supported by a complete assessment approach, SaaS platform, and eco-system that AI adopting companies can use to demonstrate that AI risk management outcomes are met. The offering provides an essential toolkit for benchmarking and reporting on the AI risk management efforts for any organization using or deploying AI-based technologies such as ML and LLMs, and addresses an essential step for organizations seeking to validate and communicate a comprehensive approach and leadership in addressing AI Risk Management. 

“Standards for AI risk management are evolving rapidly, and it is crucial for companies to address these principles with a thoughtful and comprehensive approach. Governance of this important and powerful capability is vital to unlocking the potential that AI offers, and risk management is critical to implementing AI responsibly.” said Robert Booker, Chief Strategy Officer with HITRUST. “HITRUST has applied over 15 years of practical experience and a best in class assurance methodology to AI risk management. The result is an approach that organizations can use to demonstrate that they have established appropriate governance structures and meet essential risk management principles.” 

The HITRUST AI Risk Management Assessment is the second in a series of AI assurance solutions designed to address AI risk management and security. This comprehensive approach helps companies meet their governance responsibilities at any stage of AI deployment and is strongly recommended as a key starting point. Additionally, HITRUST will release its AI Security Certification Program in Q4 2024, which will include AI-specific control specifications incorporated in the HITRUST CSF and enhancements to the company’s assurance methodologies, systems, and ecosystem. The AI security certification will deliver a highly trusted security assurance solution for AI-specific systems. Together, these two offerings are designed to complement each other, with AI RM serving as the ideal starting point, followed by AI security certification for specific AI deployments. 

All adopters of AI, including early adopters, need to demonstrate that they have effectively considered and managed the risks associated with AI. Until now, to address this critical need, governance and risk management teams have had to consider standards and references from numerous sources such as ISO/IEC and NIST to understand the risk management principles needed for AI governance and to then consider how to address and confirm those requirements.  

Understanding AI risk management expectations and associated control requirements is foundational to implementing and documenting numerous risk management outcomes. The management lifecycle of these efforts is complex, as companies also often develop multiple and different approaches to socialize the risk management requirements across their organizations; to assemble information from different risk management teams; and to provide meaningful reports that identify the completion and maturity of those requirements. The HITRUST AI Risk Management Assessment leverages the proven HITRUST assessment platform and reporting capabilities to support clear understanding of the risk management requirements and outcomes, and generate reports for internal or external teams to demonstrate the requirements are met. 

“The total effort to address risk management at scale can take weeks or months of labor just to design and maintain an assessment approach, socialize that approach, and to prepare for the assessment work itself,” said Bimal Sheth, EVP Standards Development & Assurance Operations at HITRUST. “Even then, there can be questions about completeness and quality and the work can be exhausting where the organization wishes to align to multiple industry standards.” 

As an accelerator for AI risk management, HITRUST has created an approach consisting of 51 comprehensive control requirements and a mapping to both NIST and ISO/IEC to illustrate coverage to the different standards and to address the recommendations of both. HITRUST has bundled the AI risk management control requirements with a 1-year subscription to MyCSF, HITRUST’s powerful assessment SaaS platform tool, and a report credit for a HITRUST AI Risk Management Insights Report describing the state of AI Risk Management aligned with the language and recommendations of both standards. The HITRUST approach and solution provides an effective, efficient, and no-compromise solution to AI risk management requirement.  

“HITRUST has leveraged its years of experience in information risk, security and compliance assurances to tackle AI risk management, providing a reliable foundation for organizations at any stage of their AI journey. We believe this should be the essential starting point for any organization engaging with AI and have designed it to be comprehensive and cost-effective for every organization.” Added Jeremy Huval, Chief Innovation Officer with HITRUST. “The AI RM solution can be used as a self-assessment and benchmarking tool, or companies can engage one of over 100 HITRUST external assessor firms to validate and verify implementation. Finally, existing HITRUST customers can access the capability with a simple report credit to their existing subscriptions to MyCSF.” 

The HITRUST AI Risk Management Assessment and Insights Report are available immediately. For more information about the HITRUST AI Assurance Program and to access the latest resources, visit HITRUST AI Hub or contact sales@hitrustalliance.net.

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post HITRUST Launches New AI Risk Management Assessment first appeared on AI-Tech Park.

HaystackID, a specialized data services company solving business data challenges related to legal, compliance, regulatory, and cyber events, today announced its achievement of HITRUST r2 Certification for its in-scope platforms. The certification demonstrates the company’s in-scope platforms have met demanding regulatory compliance and industry-defined requirements and appropriately manage risk. This achievement places HaystackID in an elite group of organizations worldwide that have earned this certification.

“Global enterprises need partners to empower them to stay ahead of emerging threats so they can meet complex compliance, information protection, and privacy requirements,” said Hal Brooks, CEO of HaystackID. “By earning the HITRUST r2 Certification, we illustrate our commitment to the highest standards for data protection and information security and instill confidence in our clients that we handle their sensitive information with unparalleled precision and care.”  

HITRUST collaborates with public and private sector experts in privacy, information security, and risk management to identify emerging threats and help organizations ensure they take the most effective steps to avoid them. By including federal and state regulations, standards, and frameworks and incorporating a risk-based approach, the HITRUST Assurance Program helps organizations address security and data protection challenges through a comprehensive and flexible framework of prescriptive and scalable security controls. 

“The HITRUST Assurance Program is rigorous and reliable because of the comprehensiveness of control requirements, depth of review, and consistency of oversight,” said Bimal Sheth, Executive Vice President, Standards Development & Assurance Operations at HITRUST. “HITRUST r2 Certification demonstrates HaystackID is taking the most proactive approach to cybersecurity, data protection, and risk management.” 

The HITRUST r2 – 2-year Validated Assessment is the most comprehensive and robust HITRUST certification and indicates regulatory compliance with authoritative sources like HIPAA, the NIST Cybersecurity Framework, and dozens of others.  

“Earning this certification reflects our dedication to our clients and our focus on data protection,” said Evan Craghead, Chief Technology Officer of HaystackID. “This globally recognized certification validates that our information security and privacy controls are effective and compliant with various regulations.” 

HaystackID’s in-scope platforms successfully achieved HITRUST r2 Certification through a concerted effort that spanned several departments. Over a two-year audit period, the team meticulously gathered around 1,000 pieces of evidence across 100 categories, showcasing their comprehensive approach to compliance and information risk management.  

“This certification underscores the culture of security and privacy that we have built and continue to strengthen,” said Michael Cammack, Vice President of IT and Security at HaystackID. “It was a true team effort, with numerous departments contributing to ensure that we met the extensive requirements of the HITRUST certification.” 

For more information about how HaystackID can help you meet your legal, compliance, regulatory, and cyber event needs, please visit HaystackID.com. 

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post HaystackID® Achieves HITRUST r2 Certification first appeared on AI-Tech Park.

atNorth, the leading Nordic colocation, high-performance computing, and artificial intelligence service provider, has announced that it has achieved ISO45001 accreditation and extended additional ISO certifications as it strives for continual business improvement.

The business has received full ISO45001 certification for its occupational health & safety management system and has extended its ISO14001 certification for its environmental management system to its newer data centers. In addition to this, atNorth has also extended the ISO27001 certification for its information security management system as part of the procurement of Gompute in 2023, aligning these sites with atNorth’s existing ISO certifications.

ISO45001 is an international standard that specifies requirements for an occupational health and safety (OH&S) management system. It provides a framework for organizations to manage risks and improve OH&S performance and demonstrates atNorth’s commitment to promoting employee mental and physical wellbeing and ensuring a solid foundation of safety in the workplace.

Key criteria of the accreditation include ensuring safe ways of working by instructing, training, and monitoring knowledge and competences, the obligation to report incidents, accidents, and observations on shortcomings, frameworks for comprehensive and consistent consideration of risks and hazards and empowering open and honest stakeholder communication to ensure employee safety and business continuity.

“The success of atNorth’s operations is testament to our commitment to our people. The ISO45001 certification validates our already resilient health and safety standards to ensure the wellbeing of our staff and formalizes the veracity of our processes,” commented Erling Freyr Guðmundsson, COO at atNorth. “Our ongoing commitment to improvement across our business enables us to continue to deliver the best possible service to our clients”.

ISO 27001 provides companies with guidance for establishing, implementing and maintaining an information security management system. Conformity to this standard means that an organization has a robust system to manage risks related to the security of data owned or handled by the company. It covers all aspects of information security including physical or virtual access to sites and systems, software development, supplier and customer interactions and incident response processes.

“Data security continues to be a high priority for our clients,” says Daniel Persson Chief HPC Officer at atNorth. “We are delighted to extend the scope of our of ISO27001 accreditation to reassure our customers that our business conforms to industry leading security standards.”

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post atNorth is ISO45001 Certified for its Health & Safety Management System first appeared on AI-Tech Park.

Chetu, a global software solutions and support services provider, today announced it has received its 14th consecutive System and Organization Controls for Service Organizations’ ICFR Type 2 SOC 1^® accreditation. This milestone is a testament to Chetu’s unwavering dedication to upholding the highest information security and data integrity standards.

This rigorous, independent audit, conducted in accordance with the American Institute of Certified Public Accountants (AICPA) standards, confirms that Chetu’s internal controls for security, availability, and processing integrity are operating effectively. It further demonstrates the company’s dedication to safeguarding customer data.

“Earning our 14th consecutive Type 2 SOC 1^® certification is evidence of our team’s relentless pursuit of excellence,” said Prem Khatri, Vice President of Operations at Chetu. “It showcases our dedication to maintaining a robust security posture and adapting our controls to the ever-evolving technology landscape. Our clients can rest assured that their data is safe with Chetu.

“We are proud to offer our clients the peace of mind that comes with knowing their data is protected by a trusted partner,” Khatri added.

A Gold Standard in Information Security

The Type 2 SOC 1^® certification is a globally recognized benchmark for service organizations, demonstrating that they have undergone a thorough examination of their service activities and meet the rigorous standards for controls over information technology and related security processes.

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post Chetu achieves 14th Consecutive Type 2 SOC 1® Certification first appeared on AI-Tech Park.

Zentera Systems, Inc., the leader in Zero Trust Security for the digitally-transformed enterprise, today announced the appointment of Rino Peruzzi to its Board of Directors.

“We are excited to welcome Rino to our Board,” said Jaushin Lee, President and CEO of Zentera Systems. “Rino brings a stellar reputation for success in growing and managing global strategic accounts. With Zero Trust security being rapidly adopted by the largest enterprises for its effectiveness in protecting critical assets and workloads, Rino’s insight and experience will be invaluable. His addition bolsters our go-to-market strategy and will accelerate adoption of our Zero Trust security solutions throughout Fortune 500 enterprises.”

“As companies continue to invest in digital transformation and new technologies like AI, the potential for productivity gains is accompanied by increased risk of cyber attacks and data leaks,” added Rino Peruzzi. “Zentera’s Cyber Overlay empowers information security professionals to instantly apply Zero Trust principles and mitigate cyber threats to business. I am excited to contribute to Zentera’s efforts in realizing the full potential of its pioneering solutions.”

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post Zentera Systems Appoints Industry Veteran Rino Peruzzi to BOD first appeared on AI-Tech Park.

Dan joins ModMed from Horizon Blue Cross Blue Shield of New Jersey, where he served as Vice President and Chief Information Security Officer. In this role, he was instrumental in advancing the company’s cybersecurity posture and ensuring the protection of critical information assets.

Before his tenure at Horizon Blue Cross Blue Shield, Dan held the position of Chief Product and Information Security Officer at a leading fintech firm. He also served as Chief Information Security Officer and Associate CIO at Penn Medicine, one of the United States’ top academic medical institutions, where he oversaw comprehensive information security and IT infrastructure programs.

Throughout his career, Dan has co-managed multiple cybersecurity consulting practices, advising clients ranging from startups to Fortune 500 corporations. His expertise encompasses CISO and CIO consulting, product management, and strategic planning for IT and cybersecurity initiatives.

Dan’s leadership in cybersecurity has been recognized with numerous accolades, including multiple CSO50 Awards, CSO of the Year, and the Best U.S. Security Team award at the SC Awards 2020. He has also contributed his expertise to the boards of Health-ISAC, Symantec Healthcare, and VMware Healthcare Security.

Dan holds a Bachelor of Science degree in Information Systems Security from American Military University and an MBA from the Jack Welch Management Institute.

“We are thrilled to welcome Dan Costantino to the ModMed team,” said Daniel Cane, ModMed co-founder and co-CEO. “His extensive experience and proven track record in information security and IT infrastructure will be invaluable as we continue to innovate and enhance our technology solutions for the healthcare industry.”

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post ModMed Appoints Chief Information Security Officer, Dan Costantino first appeared on AI-Tech Park.

Obsidian Security, the pioneer of SaaS security, announces the appointment of Sunil Seshadri to its Board of Directors. Sunil joins the board at a time when the Obsidian platform has become essential to Incident Response providers around the world as they respond to a 300 percent rise in SaaS breaches over the last 12 months.

Partners like Crowdstrike, Kroll, Guidepoint, Wipro, and GroupIB use Obsidian to significantly shorten the time needed to normalize identities and activities in SaaS, and map out the kill-chain events that led to a SaaS breach. Obsidian’s understanding of SaaS breaches has allowed it to develop the most efficacious AI models that proactively prevent and detect advanced threats to SaaS and PaaS applications.

“We started our incident response engagements by partnering with CrowdStrike in mid-2022, and in less than two years, we’ve accumulated the largest collection of SaaS breach data, giving us deep insights into the SaaS threat landscape,” says Hasan Imam, CEO at Obsidian Security. “It is also immensely gratifying to have someone like Sunil Seshadri on our team. His extensive experience at leading global security organizations, coupled with his unique insights into security challenges faced by enterprises and an unparalleled network of peers, significantly strengthens our ability to deliver robust, innovative solutions that safeguard our customers’ expanding SaaS environments.”

Mr. Seshadri joins the Obsidian board, bringing over 28 years of expertise in technology and information security leadership. His distinguished experience includes roles as Chief Information Security Officer (CISO) at major financial institutions, including Wells Fargo, NYSE, Visa, and Intercontinental Exchange.

“I’m thrilled to join the Obsidian journey,” states Sunil Seshadri. “Throughout my tenure as a CISO, I’ve encountered numerous threats and breaches. The one constant truth is that threat actors invariably target data. As data increasingly migrates to SaaS platforms, these become the new frontline. Addressing these threats effectively requires a combination of technological innovation, real-world breach insights, and a desire to partner with customers to develop the right solutions. That is what has separated the best from the rest. And SaaS security will be no different.”

Obsidian Security was founded with the goal to tackle the unaddressed blind spot in SaaS security. Trusted by leading Fortune 1000 and Global 2000 enterprises, Obsidian shields SaaS applications from advanced identity threats, 3rd- and 4th-party integrations and data movement risks, and automates SaaS security posture management and compliance.

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post Sunil Seshadri Joins Board of Directors at Obsidian Security first appeared on AI-Tech Park.

“As a global leader in cyber safety and online wellbeing, security, privacy and customer trust are non-negotiable,” says Tim Levy, CEO of Qoria. “Michael’s leadership will ensure that Qoria’s products remain trusted and competitive in the global marketplace.”

Michael’s proven leadership combined with his background as an accomplished ethical hacker positions him well to understand and continuously improve the security of Qoria and its products. 

“Qoria has one of the most important charters of the 21st century; supporting parents and schools with the ability to provide safe access to technology and it is a great privilege to play a pivotal role in this mission,” says Michael Hyndman, CISO at Qoria. 

Michael’s appointment will ensure Qoria continues to navigate the ever changing cyber security landscape maintaining the company’s position on the leading edge of innovation and resilience.

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post Linewize by Qoria Announces Appointment of Michael Hyndman as CISO first appeared on AI-Tech Park.

Sourcepass, an innovative IT Services (MSP) and Cyber Security Provider, joins the supplier network of ARG, a technology consulting and advisory firm. Together we will provide our joint clients with a broad suite of technology products and services to best meet their business outcomes.

Sourcepass is transforming the way companies buy, manage, and use IT services. Through their proprietary Quest portal, clients receive on-demand support, reporting, and self-service for their IT environment to drive business decisions from their IT investment. This translates directly to customer experience and retention which align with the core values for ARG’s supplier network.

“Sourcepass is driven by a customer-obsessed culture” said Chuck Canton, Founder and CEO of Sourcepass. “We see tremendous alignment with ARG, not only in delivering best-in-class technology and security solutions, but in our passion for delivering the highest quality client experience.”

“ARG clients want to better align business units to IT in order to use technology as a competitive advantage. Focusing in-house resources where they drive the most value can speed time to market and make a big impact on organizational success. Enabling that type of focus through strategic outsourcing to highly qualified partners like Sourcepass helps us deliver business outcomes to our clients,” said Jim Begley, ARG CTO.

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

The post Sourcepass Joins ARG Supplier Network for Providing Cyber Security first appeared on AI-Tech Park.