The Internet Engineering Task Force (IETF) has approved Transport Layer Security version 1.3 (TLS 1.3), which provides improved security for web communications. However, some experts have expressed concerns about the encryption standard’s impact on enterprise networks and regulations such as HIPAA and patient privacy. TLS 1.3 encrypts data for each individual device, making it difficult for organizations to monitor threats and protect against insider abuse. The IETF rejected proposed solutions to address these issues, leaving organizations to explore other options.
The NCSC wants developers to get serious on software security
The NCSC’s new Software Security Code of Practice has been praised by cyber professionals as a significant advancement in enhancing software supply chain security.
