SEC regulators have filed charges against software company SolarWinds and its CISO Tim Brown - accusing them of misleading investors about the firm's cybersecurity practices in light of a high-profile hack. Canon security leader Quentyn Taylor examined implications for other CISOs.
Tech firms are making huge investments in generative AI tools, but nearly half of cybersecurity professionals say they have little or no or knowledge of AI, according to ISC2's Cyber Workforce Study 2023, which surveyed 14,865 international security practitioners and decision-makers.
Members of Congress don't agree on much these days. But a new bipartisan working group launched in the Senate on Thursday hopes to rally congressional support for potential legislation focused on improving the state of cybersecurity in the healthcare sector.
The fallout from the SEC's charges of fraud and internal control failures against SolarWinds and its CISO has implications for the industry. Cordery Compliance attorney Jonathan Armstrong advises security leaders to "take heed and remember that the actions of today can determine your fate tomorrow."
When asked what has changed most since Oct. 7, Chen Shmilo, CEO of Israel's 8200 Alumni Association, said "trust." Trust in leadership has changed, but trust in society and its power to be resilient has been renewed, he said. "In these darkest times, some things might even change for the better."
A scientist claims to have developed an inexpensive system for using quantum computing to crack RSA, which is the world's most commonly used public key algorithm. If true, this would be a breakthrough that comes years before experts predicted. Now, they're asking for proof.
The recently ended ISMG Financial Services Summit was dedicated to fortifying cybersecurity preparedness in the financial services industry. Thought leaders guided critical discussions on cybersecurity topics such as critical infrastructure, incident response, supply chain threats and zero trust.
Hospitals, clinics and doctor practices have long fallen victim to cyberattacks and breaches kicked off with phishing emails. But with the advent of AI-augmented phishing, the lures are more convincing and could lead to even more scams targeting healthcare organizations, federal authorities warned.
In recent years, the adoption of public cloud infrastructures has surged, providing organizations with unparalleled flexibility and scalability. But this shift has also introduced a new set of challenges when it comes to protecting web applications and APIs that are hosted on these platforms.
The Clop ransomware operation's recent mass zero-day exploit of Progress Software's MOVEit secure managed file transfer software followed the criminals launching similar attacks against users of Accellion FTA, SolarWinds Serv-U and Fortra GoAnywhere.
U.S. government agencies and the private sector embraced information sharing but lack a coordinated response plan in the event of a massive cyberattack, a House Republican said. Public-private partnerships are essential since 80% of critical infrastructure in the U.S. is owned by the private sector.
Thousands of North Korean IT workers hid their identities to earn hundreds of millions of dollars in IT contract work from overseas companies to help finance the country's weapons development program, U.S. and South Korean agencies said. Officials said to watch for workers who are camera-shy.
The data leak and negotiation sites for the Ragnar Locker ransomware group went offline Thursday after an international law enforcement operation, backed by the FBI and police in Europe, seized its infrastructure. Whether the disruption spells the end for Ragnar Locker remains unclear.
As organizations grapple with an increasingly complex digital landscape, CISOs and CIOs are faced with heightened executive liability. With the high-profile cases of CIO Carlos Abarca and CSO Joe Sullivan serving as stark examples, the message is clear - executives cannot afford to be complacent.
To truly be effective, CISOs must understand their organization's focus and culture. "In understanding the organization and its language, you understand what matters, and then by extension that will drive your security strategy and your security focus," said Helen Rabe, CISO at the BBC.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.