User education is vital to boosting the detection rate of phishing emails or social engineering scams that could lead to data breaches or ransomware infestations. Technology alone can't make websites or email inboxes safe since both are business-critical for all users, says ID Agent's Amelia Paro.
The shift to remote work introduced new security risks for Piedmont Healthcare since workers could no longer rely on the firm to protect their information. Employees need to understand the security issues associated with connecting to the network using personal devices, says CISO Monique Hart.
The traditional application development model that puts security checks at the end of the process creates needless friction that slows down organizations, says Snyk solutions engineer Matt Mintzer. Application security specialists need to build tracks rather than guardrails for development, he says.
Cyberattackers love to strike on weekends and holidays - that's not news. What is news: These attacks cost more than weekday incidents, and they take a heavy toll on defenders. Cybereason's Sam Curry shares insight from the new study "Organizations at Risk: Ransomware Attackers Don’t Take Holidays."
Hospitals face attacks from nation-states seeking medical research and cybercriminals using pediatric patient data to apply for loans, says Stoddard Manikin. Adversaries target pediatric records to exploit the patient's credit and adult records when pursuing insurance or prescription fraud.
Apple, Google and Microsoft supported a new common passwordless sign-in standard, and a key Senate committee approved the Improving Digital Identity Act of 2022. How will these moves pay off in 2023? Identity security expert Jeremy Grant weighs in on trends and predictions for the new year.
President and CEO Sudhakar Ramakrishna says SolarWinds has done massive work implementing security into the build process since the company was hacked in late 2020. Testing, validating and qualifying the integrity of the company's source code has required significant effort, Ramakrishna tells ISMG.
The shift to remote work during COVID-19 has prompted hackers to dramatically boost phishing attacks. The pandemic has led to users reading more corporate email on personal devices and opening messages while distracted by children or pets, increasing the chances they'll click on something malicious.
In the latest weekly update, ISMG editors discuss implications of the seizure of $3.36 billion in stolen bitcoin, whether the EU is complicit in the spread of advanced spyware, and the departure of the U.K.'s Dr. Ian Levy, technical director of NCSC, with some important parting words.
The United Kingdom and many other countries are considering ways to make banks liable for authorized payment fraud and lift the burden from millions of victims of online scams. Trace Fooshee, strategic adviser at Aite-Novarica Group, shares his views on why this might not be such a great idea.
Malware activity has increased 28% since last year, and botnet and exploit activity are up over 100%, according to CyberTheory's 2022 Third Quarter Review. CyberTheory Director Steve King says "a new approach to cybersecurity defense" is needed to fight today's cybercrime.
In the latest weekly update, ISMG editors share how amateur tactics employed by ransomware gangs are leading fewer victims to pay ransoms, why traditional identity controls can't protect against the growing authorized payment scams, and highlights from ISMG's Crypto and Payments Summit.
All employees should consider upholding the security of the organization part of their job regardless of their official role at the company, says Equifax Business Information Security Officer Michael Owens. But creating an organization-wide cybersecurity culture is easier said than done.
CISOs must focus on the business value they're providing, not the technical details of their work, when interacting with the C-suite and board. Don’t focus too narrowly on security risks and technical requirements and miss what the business wants to achieve, says David Nolan, CISO, The Aaron’s Co.
In 2021, U.S. mergers and acquisitions shot up 55%. In 2022, that percentage is set to climb even higher. The wave of post-COVID M&A demands that cybersecurity leaders improve their efficacy. Ben Murphy of Truist shares insight on where, when and how cybersecurity needs to influence the M&A agenda.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.