We have moved from cybersecurity strategy to cyber resilience strategy, said Fene Osakwe, a board member of the Forbes Technology Council. As a result, he said, we still start with identifying assets, but we keep going until we achieve recovery.
The rapid pace of API development has created major risk for companies given the amount of data that's being exposed, said Salt Security CEO Roey Eliyahu. The security industry hasn't adapted quickly to address these problems since it's still used to relatively static APIs that were easy to guard.
ISMG's Healthcare Security Summit 2023, held in New York City on July 18, brought together leaders from the cybersecurity and healthcare industries to engage in a dynamic exchange of ideas and address pressing challenges faced by the healthcare community.
In this episode of CyberEd.io's podcast series "Cybersecurity Insights," Morphisec's Michael Gorelik discussed automated moving target defense - or AMTD, which is a risk-reduction strategy and preventive measure that reduces adversary success rates and provides "the final layer of defense."
Why are so many fresh zero-day vulnerabilities being exploited in the wild? Google reported that attackers often discover variants of previously exploited flaws, which suggests that vendors aren't doing enough to fix the root cause of flaws - or to avoid introducing fresh ones with their fixes.
Threat actors who recently attacked a dozen Norwegian ministries by exploiting a zero-day vulnerability in Ivanti's endpoint management software appeared to have another zero-day flaw that tied to the overall attack exploit chain, Ivanti confirmed on Friday.
The latest generation of ransomware and phishing attacks is being designed to evade existing network security controls such as gateways and firewalls, said Menlo Security CEO Amir Ben-Efraim. Threat actors have taken the time to codify, register and customize URLs to impersonate a bank's help desk.
A security researcher recently found a database exposed to the internet containing sensitive information on independent school students and faculty including financial data, salary, professional details, health information and child abuse reports. The security lapse affected nearly 700,000 records.
In the latest weekly update, ISMG editors discuss the surging number of MOVEit breach victims and the state of ransomware innovation, why the federal government warned healthcare firms about the use of web trackers, and how the DOJ is expanding its "whole of government" approach to fight ransomware.
Application journeys are fluid in practice because applications can live anywhere. Complex deployments with too many tools to configure and manage and overwhelmed IT teams lead to mistakes, so organizations should take a cybersecurity mesh platform approach to securing their application journeys.
A Russian court sentenced cybersecurity firm Group 1B co-founder Ilya Sachkov on Wednesday to 14 years in prison in a case that state-run media says stems from delivering classified material to foreign intelligence. Group 1B defended its former CEO, calling the trial a "pretext" for prison.
SMB cybersecurity platform Coro purchased an early-stage Israeli startup to bring network connectivity to its SASE offering for midmarket organizations. Coro said its buy of Jerusalem-based Privatise will give Coro clients a secure way to connect, manage and filter out malicious content.
Practicing incident response procedures is as important as practicing fire drills, said CISO Nick Prescot of Norgine. But beyond regularly testing the plan, security leaders must foster a collaborative environment so their teams maintain a sense of calm in the heat of an incident.
The U.S. federal government says hacker abuse of valid credentials is the most successful method for gaining access to systems and the technique is responsible for slightly more than the half of critical infrastructure attacks that occurred over a yearlong period.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.