A proposed rule requiring publicly traded companies to disclose a breach within four days of deeming it material will force CISOs to determine the consequences of breaches sooner. CISOs will need to have board-level conversations within a day or two of discovering an issue to assess materiality.
Sunder Krishnan, chief risk officer at Reliance Nippon Life Insurance Co., a joint venture of Reliance Capital and Nippon Life, discusses risk management approaches; using PAM, data encryption and other processes to safeguard customer data; and investing in behavioral systems to secure data.
Microsoft says it seized control of seven domains belonging to Russian GRU-linked state-sponsored threat group Strontium. The group, also called APT28 and Fancy Bear, used the domains to target Ukrainian media organizations and had U.S. and EU government entities and decision-makers on its radar.
A week after the Spring4shell vulnerability was first detected, security companies Microsoft, Check Point and Akamai have identified exploitation attempts, and Trend Micro has confirmed the first successful attempt - the Mirai botnet leveraging CVE-2022-22965 for its malicious operations.
David Pollino, former CISO of PNC Bank, joins two editors at ISMG to discuss what organizations can do to harden their cybersecurity defenses, how we need to think about our adversaries differently in today's threat landscape and how the "Great Resignation" is affecting cybersecurity.
Hackers are exploiting third-party remote access. If you’re not taking third-party risk seriously, it’s just a matter of time until your company is the next headline.
Investment platform Cash App, a subsidiary of U.S.-based payments company Block, says it has been breached. The incident happened last year when a former employee downloaded reports containing Cash App U.S. customer information, including full names, brokerage account numbers and portfolio values.
CrowdStrike, Microsoft and Trend Micro sit atop the Forrester Wave for endpoint detection and response as vendors grapple with business data increasingly moving to the cloud. This has forced EDR providers to build out full-fledged Extended Detection and Response platforms that protect cloud data.
In the latest "Proof of Concept," Lisa Sotto, partner and chair of the global privacy and cybersecurity practice at Hunton Andrews Kurth LLP and David Pollino, former CISO at PNC Bank, join Information Security Media Group editors to discuss U.S. regulatory trends and supply chain risk management.
This edition discusses the latest episode of "The Ransomware Files," which covers the REvil ransomware gang's 2021 attack on Kaseya. It also examines how healthcare entities can prepare for potential spillover attacks from the hybrid Russia-Ukraine war and highlights from ISMG's Chicago Summit.
The Justice Department has announced that it has successfully disrupted "Cyclops Blink," a botnet controlled by the Russia-linked threat actor Sandworm, aka Voodoo Bear. The court-authorized operation was conducted in March and removed the botnet from thousands of infected devices worldwide.
New BeyondTrust CEO Janine Seebeck plans to help privileged users protect themselves by applying machine learning to detect patterns in the data generated across BeyondTrust's 20,000 customers. She starts as BeyondTrust's CEO July 1 and replaces Matt Dircks, who has led the company since 2014.
Financial institutions must be aware of artificial intelligence being used by criminals against them, says John Buzzard, lead analyst, fraud and security, Javelin Strategy & Research. He discusses the findings of Javelin's latest identity fraud report.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.