Speaking at an industry event, FedRAMP Director Pete Waterman announced the launch of “FedRAMP 2025,” calling on cloud providers to develop security innovations while the government sets standards.

The report notes a 388% increase in cloud security alerts and a 235% rise in high-severity incidents.

Vasu Jakkal, Microsoft’s corporate vice president of security, emphasized that AI-driven cyber defense is essential as Microsoft Threat Intelligence processes 84 trillion signals daily, enabling proactive threat detection.

The updates include automated secrets rotation in Pulumi ESC, a secure GitHub Actions integration, granular role-based access control (RBAC), and expanded policy-as-code capabilities in Pulumi Insights.

The update also streamlines deployment of its Security Services Platform (SSP) for collecting cybersecurity telemetry.

U.S. cybersecurity technology firm ReliaQuest has secured more than $500 million from a new funding round that has lifted its valuation to $3.4 billion, according to SiliconAngle.

Ongoing intrusions leveraging the critical static credential backdoor flaw impacting the Cisco Smart Licensing Utility, tracked as CVE-2024-20439, have prompted the bug's inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerability catalog, with federal agencies urged to apply remediations by Apr. 21, Security Affairs reports.

Cybernews reports that recent data breaches have impacted 65% of the largest hospitals and health systems across the U.S. just as the total number of compromised health records exceeded 276 million, or more than 80% of the country's population, last year, which is the highest on record.

Sixty percent of cybersecurity incidents around the world last year were identity-based intrusions, with identity targeting being prominent across all attack stages, SiliconAngle reports.

U.S. Department of Justice bankruptcy regulators have been urged by Federal Trade Commission Chair Andrew Ferguson to ensure that any buyer of the embattled DNA testing services company 23andMe should comply with the firm's existing data privacy policies.