Cybersecurity is not about perfection. In fact, it’s more like a game of chess: predicting your opponent’s moves and making the game unwinnable for your opponent. Like chess players, attackers are always looking for an opening, probing for weaknesses, or waiting for you to make a mistake. Therefore, the best defense isn’t a single unbreakable barrier, but instead a layered strategy that forces your adversary into a losing position at every turn.

Canonical is proud to announce it has achieved the ISO 21434 certification for its Security Management System, following an extensive assessment by TÜV SÜD, a globally respected certification provider. This milestone highlights Canonical’s leadership in providing trusted and reliable open source solutions for the automotive sector.

We are happy to announce that Ubuntu on Windows Subsystem for Linux (WSL) is now available in Microsoft’s new tar-based distribution architecture. Ubuntu has been a widely used Linux distribution on WSL, offering a familiar development environment for many users. This new distribution architecture for WSL will make adoption easier in enterprise environments by enabling image customization and deployments at scale.

There’s good news in the US federal compliance space. The latest FedRAMP policy on the use of cryptographic modules relaxes some of the past restrictions that prevented organizations from applying critical security updates. There has long been a tension between the requirements for strictly certified FIPS crypto modules and the need to keep software patched and up to date with the latest security vulnerability fixes.

In our last blog post we talked about how you can use Intel QAT with Canonical Ceph, today we’ll cover why this technology is important from a business perspective – in other words, we’re talking data storage costs. Retaining and protecting data has an inherent cost based on the underlying architecture of the system used to store it.

When storing large amounts of data, the cost ($) to store each gigabyte (GB) is the typical measure used to gauge the efficiency of the storage system. The biggest driver of storage cost is the protection method used. It is common to protect data by either having multiple replicas within the storage system or by using erasure coding to create data chunks and parity chunks to reduce the raw storage consumed, albeit at the cost of higher CPU utilisation.

Over the past 5 years, Canonical has been contributing to Flutter, including building out Linux support for Flutter applications, publishing libraries to help integrate into the Linux desktop and building modern applications for Ubuntu, including our software store. Last year we announced at the Ubuntu Summit that we’ve been working on bringing support for multiple windows to Flutter desktop apps.

Open source is one of the most exciting, but often misunderstood, innovations of our modern world. I still remember the first time I installed linux on my laptop, saw the vast array of packages I could install on it, all the utilities and libraries that make it work, all the forum threads filled with advice and debugging and troubleshooting, and I thought: “Wait, all of this is free???” It’s free, you can use it, and it’s awesome.

In this third and final part of the series, I’ll provide some tips on how to set up your roadmap and effectively demonstrate compliance without overburdening your teams. If you’re just joining the fun now, in our two previous editions we covered who NIS2 applies to and what requirements it sets out. Be sure to have a look at them if you need any additional context.

In my previous blog, we ran through what NIS2 is and who it applies to. In this second part of the series, I’ll break down the main requirements you’ll find in NIS2 and help translate them into actionable and practical measures you can take to achieve NIS2 compliance. Join me in this post and start understanding what NIS2 is all about.