Security researcher Daniel Cuthbert during his "Our Kryptonite: A Defendable Internet" keynote speech at Black Hat Europe 2022 on Dec. 7, 2022 (Photo: Mathew J. Schwartz)

Cybersecurity Pros: Fresh Challenges Face 'Next Generation'

Mathew J. Schwartz • December 8, 2022

As the potential harm posed by technology increases, the cybersecurity stakes are changing, warned speakers at Black Hat Europe. With governments taking a greater interest in regulating cybersecurity - and perhaps practitioners - experts urged practitioners to collectively guide their own destiny.

►

Governance & Risk Management

ExtraHop Taps Ex-Check Point Exec Chris Scanlan as President

Latest

Endpoint Detection & Response (EDR)

SentinelOne Pushes Upmarket to Minimize Effects of Slowdown

Michael Novinson • December 6, 2022

SentinelOne plans to go after more Fortune 500 and Global 2000 organizations as the economic downturn prompts customers to shrink the size of their purchases. Over the past year, the company doubled the number of clients spending at least $100,000 and $1 million with SentinelOne annually.

Cyberwarfare / Nation-State Attacks

A Look Ahead: David Pollino on Evolution of the CISO Role

Tom Field • December 5, 2022

From the invasion of Ukraine to the conviction of a former Uber CISO and the Musk takeover of Twitter, it's been a watershed year for cybersecurity concerns. Veteran CISO David Pollino reflects on 2022 and looks ahead to the challenges - and opportunities - that await in 2023.

Business Continuity Management / Disaster Recovery

Rackspace Hosted Exchange Still Offline Over Security Issue

Prajeet Nair • December 5, 2022

Thousands of Rackspace customers continue to face hosted Microsoft Exchange Server outages after the managed services giant took the offering offline after being affected by an unspecified security incident Thursday. Rackspace urges affected customers to at least temporarily move to Microsoft 365.

Identity & Access Management

OneSpan CEO on Joining Identity Verification and e-Signature

Michael Novinson • December 4, 2022

Bringing OneSpan's identity verification and e-signature businesses together in the cloud will allow the company to secure the whole customer transaction life cycle, says CEO Matt Moynahan. Customers want security capability that is seamlessly integrated and interwoven across their entire workflow.

Industry Specific

Top Cybersecurity Challenges Facing Healthcare Providers

Marianne Kolbasuk McGee • December 3, 2022

With the surge in ransomware and other major hacking incidents affecting third-party suppliers, it is more critical than ever for healthcare sector entities to diligently scrutinize threats and risks involving their vendors, says Denise Anderson, president and CEO of the Health-ISAC.

Cloud Security

Clumio CEO on Why AWS S3 Buckets Pose a Giant Security Risk

Michael Novinson • December 2, 2022

The need for AWS security has increased as S3 buckets have evolved from a dumping ground for data to the home for critical cloud-native applications, says Clumio co-founder and CEO Poojan Kumar. Information in S3 buckets is susceptible to both accidental deletions and cyberattacks.

Breach Notification

ISMG Editors: Twitter Breach May Be Worse Than Advertised

Anna Delaney • December 2, 2022

In the latest weekly update, ISMG editors discuss ways organizations commonly founder when implementing a zero trust strategy, what the latest version of India's digital data protection bill means for CISOs, and how a 2022 data breach confirmed by Twitter may be worse than initially thought.

Cryptocurrency Fraud

Hacked: What's the Next Step for Web3 Companies? - Part 2

Rashmi Ramesh • December 2, 2022

Web3 companies are under attack by cybercriminals all year. After a compromise occurs, how should organizations respond? In Part 2 of this interview, Martin Derka of Web3 security firm Quantstamp discusses short-term and long-term mitigation steps and how to defend against cryptocurrency theft.

Fraud Management & Cybercrime

Most Healthcare Ransomware Hits Include Patient Data Theft

Mathew J. Schwartz • December 2, 2022

Based on known ransomware attacks against the healthcare sector, here's good news: The volume of attacks seems to have declined, says Allan Liska, a principal intelligence analyst at Recorded Future. Unfortunately, most such attacks not only trigger downtime but include the theft of patient data.

Cloud Security

Zscaler CEO: 'Uncertainty Can Act as a Catalyst for Change'

Michael Novinson • December 1, 2022

Zscaler has notched large, multiyear, multipillar deals as the economic downturn prompts clients to seek replacements for expensive legacy point products, says CEO Jay Chaudhry. Clients are increasingly buying Zscaler's secure web gateway, private access and digital experience tools as one bundle.

Next-Generation Technologies & Secure Development

Elastic Lays Off Nearly 400 Employees as SMB Spend Dwindles

Michael Novinson • December 1, 2022

Security, observability and search vendor Elastic will shrink its workforce by 13% due to small and medium businesses reducing their purchases amid the economic downturn. Elastic will lay off nearly 400 of its 3,056 employees as it adopts an automated, low-touch motion for SMB customers.

Fraud Management & Cybercrime

Ransom Realpolitik: Paying for Data Deletion Is for Suckers

Mathew J. Schwartz • December 1, 2022

Ransomware-wielding attackers have myriad tactics for extorting victims, including demanding a stand-alone ransom for a promise to delete stolen data. But Coveware's Bill Siegel urges victims to never pay for such promises, in part because they rarely - if ever - get honored.