In a U.S. Senate hearing on Tuesday, the Apache Software Foundation and leaders from Cisco, Palo Alto Networks and The Atlantic Council discussed open-source software security, urging both government and private sector entities to recognize the breadth of the free-to-use software and adversaries' willingness to...
As a CISO in financial services, Bradley Schaufenbuel of Paychex enjoys the velocity of change - no two days are alike. But with that pace comes a corresponding uptick in supply chain risk, which adds a new degree of difficulty to an already challenging leadership role.
The CISO for a Dallas-based school district quit his job over the district's handling of a severe data breach that occurred in August 2021. A TV broadcaster has revealed that two students in the district were responsible even though the district claimed the intruder was a "third party."
It is essential that entities across all industries - and especially in healthcare - better prepare every type and level of worker on how to respond to potentially devastating ransomware attacks, says privacy and security attorney Erik Weinick of law firm Otterbourg PC.
A Kentucky hospital and the Maryland Department of Health are among healthcare sector entities still battling to fully recover from recent ransomware and other disruptive cyber incidents. What can other organizations do to avoid similar fates?
The House of Representatives on Friday passed a bill that Democratic lawmakers say will help the U.S. compete with China economically when it comes to manufacturing semiconductor chips and bolstering both supply chains and the technology workforce.
As information security officer at MVB Financial Corp., Cara Coleman says the single biggest cybersecurity threat is just keeping up with the pace of attacks - and understanding the sophistication and trickery of the broad range of attackers. Here's how she tackles the challenge.
ThycoticCentrify renames itself Delinea to grow as a "seamless" security solution. Other acquisitions focus on providing tools to developers to better secure applications and software, boost healthcare device security, fight against chargeback fraud and bring smaller organizations into compliance.
Some of the biggest cybercrime-focused darknet markets selling stolen payment card data, passwords, malware and more have retired in the past year, with administrators oftentimes boasting it's because they've gotten rich. As they exit, other players remain ready to grab their market share, experts say.
Four ISMG editors discuss important cybersecurity issues, including misconceptions around Zero Trust implementation, lessons learned from the crippling NotPetya malware attack of 2017 that nearly sank logistics giant Maersk and how a Russian cyberwar in Ukraine could move beyond its borders.
A New York federal court has recommended the dismissal of a class action lawsuit filed against medical practice management vendor Practicefirst in the aftermath of a 2020 ransomware attack that involved data exfiltration and affected the personal and health information of 1.2 million individuals.
The latest edition of the ISMG Security Report features an analysis of how Russia's escalation in Ukraine is raising cyber defense alarms. It also describes how a Dark Overlord collaborator received a three-year prison sentence and shares tips for Zero Trust implementation.
Pharmaceutical giant Pfizer alleges in a federal lawsuit that two former executives stole documents containing trade secrets about diabetes, obesity and cancer treatments under development by the drugmaker to benefit two new biotech startups they had launched.
A variety of underground markets exist to help malware-wielding criminals monetize their attacks, including via log marketplaces such as Genesis, Russian Market and 2easy, which offer for sale batches of data that can be used to emulate a victim, whether it's a consumer, an enterprise IT administrator or anyone in...
U.S. DHS Secretary Alejandro Mayorkas confirmed on Thursday that the department is establishing a Cyber Safety Review Board, as directed by President Joe Biden's sweeping cybersecurity executive order signed in May 2021. The board aims to mirror the work of the National Transportation Safety Board.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.