Where to get cyber news: Useful links.
Here are a number of publications I use to 'try' to keep up with everything happening in cyber security: https://thehackernews.com/ https://www.darkreading.com/ https://www.scworld.com/ https://www.securityweek.com/ https://www.cybersecuritydive.com/ https://www.infosecurity-magazine.com/
Cyber Resilience Podcast - Live
Hey folks....I had the pleasure to sit down with John Gilroy from The Federal Tech Podcast to discuss Cyber Resilience Strategies for Federal customers from TechNet Cyber in Baltimore. There was even a fire alarm and evacuation 6 seconds into the recording. Live streaming, baby! Nothing like it :) Check it out! How Federal Agencies Can Achieve Cyber-Resilient Data Protection and Recovery Federal Tech Podcast - Episode 238
Zero Trust in Practice: What Actually Breaks in Real Environments
Most Zero Trust discussions sound great on paper—but implementation tells a different story. From recent hybrid deployments, here’s what actually breaks: Identity gaps Service accounts without MFA Legacy apps bypassing Conditional Access Device trust issues -Non-compliant endpoints still accessing critical apps -BYOD without proper posture checks Network assumptions Internal traffic still implicitly trusted Flat VLANs enabling lateral movement What worked well: Enforcing Conditional Access (device + user risk) ZTNA replacing VPN for application-level access -Micro-segmentation (Fortinet / host-based controls) Key takeaway: Zero Trust is not a product—it’s a continuous enforcement model across identity, device, and network layers.From Passive to Proactive: A New Cyber Resilience Foundation
We are thrilled to announce a significant evolution of the Pure Storage Cyber Resilience solution, designed to transform your defense posture from passive to proactive. The announcements on September 25th deliver on three core pillars that are essential for modern defense: 1. Dynamic Response and Recovery: Recovery time must be measured in minutes, not days. We're introducing Pure Protect™ Recovery Zones to automatically provision Isolated Recovery Environments (IREs), plus a new Cyber Resilience delivered as a Service model with Veeam to guarantee instant, validated recovery. 2. Connected Detection: We’re eliminating security blind spots by embedding detection into the data layer itself. We have several new native detection capabilities and new integrations with CrowdStrike Real-Time Threat Graph and Superna Next-Gen SIEM to accelerate threat detection and remediation. 3. Built-in Security: Security is foundational. Our platform now features mandatory safeguards like TPM and UEFI Secure Boot and Enterprise-Grade Identity and Access Management to ensure the integrity of your platform from the ground up. See our Cyber Resilience announcement blog for more details.Ransomware’s Worst Nightmare: New Cyber Resilience Arsenal (new blog post)
With the barrage of new announcements coming out of NYC Accelerate, I wrote a new blog post that is relevant to all customers, but specific to State / Local Government and Education customers summarizing what is new and the value it brings in terms of Active Cyber Resilience. Your feedback is welcome: https://goo.gle/3xzWj8P zModernizing Mainframe backups for Comprehensive Cyber Resilience Strategy
I've been talking to our Healthcare Payer customers, as well as almost all of the Fortune 500, about how Pure can help to incorporate Mainframe backup and recovery into their overall Cyber Resilience strategy. It is best practice to protect your data across the enterprise and with our Luminex + Pure solution, all your data can be protected under one plan. I'm interested to hear if anyone else is finding challenges with this process.Data Intelligence and Cyber Resilience
Over the next few months you will be hearing more about data intelligence from Everpure. What is it? How is it relevant to cyber resilience? Data intelligence is the practice of transforming raw data into actionable insights through automated discovery, classification, and metadata analysis. In the modern threat landscape, it is the essential bridge between simple "backup" and true Active Resilience. Without intelligence, resilience is blind. Data intelligence provides the "who, what, and where" of your digital estate, allowing you to: Prioritize Recovery: Identify mission-critical applications and sensitive PII to ensure the most vital services are restored first. Accelerate Detection: Use AI-driven behavioral analysis to spot "silent" corruption or unauthorized access at the storage layer. Ensure Clean Restoration: Precisely tag compromised data to prevent re-infecting environments during recovery. By unifying data security with intelligence, organizations move from being passive targets to Active Defenders, ensuring operational survivability even in the face of sophisticated agentic attacks.Why Cyber Resilience Requires Recovery Not Just Backups: CISO and Field Perspectives
15 Minutes---Webinar from Everpure's Rick Orloff, CISO, and Scott Taylor, Director of Cyber Resilience Field Solution Architects on Cyber Recovery Strategy Resilience isn't just prevention—it’s about the "Minimum Viable Business." At RSAC 2026, Everpure’s Rick Orloff and Scott Taylor explained why recovery fails without understanding dependencies. Prioritize critical data and cross-functional collaboration to minimize revenue disruption. Stop treating backup as the goal; make rapid, strategic recovery your mission. Link to WebinarAI Governance: It’s Time to Close the Widening Gap 🪏
Traditional governance is no longer enough to manage the scale of modern AI. As global regulations begin to fragment, the article "Inside the Shift Toward Internal Data Governance As Global AI Regulation Fragments", Onur Korucu, DataRep Non-Executive Director points out that organizations must move towards toward dynamic, internal industry frameworks. She says, true AI control isn't just about software rules; it requires a deep understanding of your data flows and the infrastructure they run on. Since AI magnifies the biases of its inputs, effective AI governance is, at its core, rigorous data governance. To stay ahead, leaders must stop waiting for universal standards and start embedding continuous, technical monitoring into their own everyday operations. --------------------------------------------------------------- 🗣️ Let's talk about it! 📣 Community Question: In your experience, where is the biggest gap between the legal intent of AI policy and the technological reality of how these systems actually run? Let's discuss! Click through to read the entire article above and let us know your thoughts around it in the comments below!
