When it comes to risk, attorney Mark Doepel sees what he describes as "high cyber awareness, but low cyber literacy" among senior business leaders. But as nations adopt new breach legislation, boards and C-suites need to develop a deeper, granular understanding of risk - and fast.
While the power grid malware unleashed against Ukraine could be repurposed to attack other grids, "it's not to the point yet where people should be freaking out or building bunkers or anything silly like that," says Robert M. Lee, who heads industrial cybersecurity firm Dragos.
A simple Google search provides attackers with the how-to on where to find and purchase a phishing kit. This allows both sophisticated criminal organizations and the new, or "wannabe hackers," the same advantage when it comes to phishing attacks.
With such a large amount of attacks from a variety of sources...
What trait does a global cyberattack and a hurricane share? Both could cost insurers - and victims - dearly. In a new report, Lloyd's of London estimates that a major cloud services attack could trigger $53 billion in losses and cleanup costs.
Determined attackers constantly find new methods to outwit traditional security systems, using an arsenal of techniques to attack from every angle. Knowing who is behind the threats you face and what their motivations are can help you implement security measures to put them on the defensive.
Organizations and analysts need the ability to shift threat intelligence from a data feed into actionable results - this is the core of applied threat intelligence (ATI). Organizations need to move their thinking away from viewing data breaches as a onetime event and instead recognize that with every incident they are...
Enterprise Intelligence is an ongoing practice in which organizations analyze disparate data sources to identify the vulnerabilities and threats across the enterprise.
Download this infographic and learn:
How much more likely analytically driven organizations are to respond to security threats;
What percent of...
A new report into the state of consumer routers by Carnegie Mellon researchers is unsparing in its criticism: It's a market of lemons, and virtually all of the test models had security problems. What's the solution?
Organisations of every size are experiencing a problem as their operations digitally transform. They are unable to secure mission-critical workloads on cloud-based infrastructure without increasing risk, operational friction, or introducing compliance violations.
However, creating simpler and faster user-based...
Ransomware attacks are increasingly using multiple proven techniques to spread quickly and achieve the maximum impact before being thwarted. They are going to get bigger and target other platforms in the future, warns Justin Peters at Sophos APAC.
The latest edition of the ISMG Security Report leads with an analysis exploring how artificial intelligence can be used by hackers to threaten IT systems and by organizations to defend critical digital assets. Also, a deep dive into the NotPetya ransomware attack.
The Cyber Threat Alliance is developing playbooks that will show organizations how to stop hackers from causing havoc. Alliance President Michael Daniel explains how the playbook could help to disrupt a cyber attacker's business model and processes.
It's not enough to comply with government and industry regulations such as SOX, PCI, MICS, and HIPAA. Organizations must also prove their compliance to auditors on a regular basis. Even companies not bound by regulatory requirements may need to confirm their adherence to internal IT security policies.