With the explosion of laptops, IoT, tablets, smartphones and other smart technologies, endpoints are the single largest group of devices inside your network today. Managing all of your assets and their software requires three foundational steps.
Boeing says that a malware outbreak affected a small number of systems but did not disrupt production. An executive has reportedly identified the malware as being WannaCry ransomware and called for "all hands on deck" to respond to the incident.
Defending your organization from risk means confronting the potential security vulnerabilities that are present in your third party network. Deloitte reports that 83% of today's business leaders lack confidence in third party vendor risk management processes. Why? Because traditional VRM methods are no match for the...
Financial institutions have long been aware of the need to manage
risk in third- and fourth-party vendors, and most have a formal
program for managing that risk. Yet an existing third party risk
management (3PRM) program may not address today's increased
levels of outsourcing and new global regulatory...
Two out of three organizations say that finding qualified cybersecurity professionals is a struggle, a new study shows. And 80 percent of respondents do not feel adequately prepared to defend their organizations. Kathie Miley of Cybrary and Wade Baker of Cyentia Institute discuss how to bridge the cyber skills gap.
We all know that our organization's data may exist on the dark web. Much like a dollar bill of any demonetization looks and feels basically the same, a $1 bill is not worth the same as a $50 or a $100, your organization's potential risk equates to how much your exposed data is worth.
So, how do organizations...
Governing cyber risk across Europe and the UK does not have to feel like crossing a minefield. In this webinar, Andy Norton of Lastline provides insight into the simple traps that organizations fall into, how to correctly estimate the probability of a data breach and how to ensure appropriate remediation if a threat...
While other corporate functions have embraced benchmarking, risk and security teams have been left in the dark. Existing tools for network security are unable to compare security performance against industry averages and peers. To effectively understand the impact of security programs and communicate changes to key...
Multinational semiconductor maker Advanced Micro Devices has confirmed that there are 13 flaws in some of its chipsets that could be exploited to manipulate chip firmware for malicious purposes. AMD plans to provide fixes in the form of firmware updates that it claims should not affect system performance.
The technology and operating models for identity and access management have evolved with time, but the way many enterprises approach IAM has not. How can security leaders modernize their IAM strategy in this era of unprecedented complexity? Patrick Wardrop of IBM Security shares insights.
If you browsed the latest security headlines, you'd probably think the majority of data breaches were related to hackers, political activists, malware or phishing. While the latter two hint at it, the truth is that nearly half of all data breaches can be traced back to insiders in some capacity.
More than 95,000 servers that run the open source Memcached utiltity appear to remain vulnerable to being abused to launch massive DDoS attacks, with one such attack reaching a record 1.7 terabits per second. Here's how organizations and IT administrators must respond.
The attorney general of Pennsylvania has filed a lawsuit against Uber for allegedly violating the state's mandatory breach notification law. It's the latest in a long string of legal and regulatory repercussions Uber is facing after waiting more than a year to disclose a serious breach.
A new strain of the Petya ransomware called "Bad Rabbit" is impacting business and sweeping across Russia and Ukraine, among other Eastern European countries. Like many of the other ransomware outbreaks, understanding fact from fiction is the first step in staying safe.
There is no doubt that every organization now requires advanced malware protection. Even so, there are plenty of organizations that have either not yet implemented this protection, or have it only somewhat implemented. Do these organizations recklessly believe they won't be targeted? Do they think their investment in...