The mass migration to cloud has only added to the global cybersecurity gap, and John Yeoh, global vice president of research at the Cloud Security Alliance is among those calling for greater "diversity by design" as enterprises look to fill these roles.
From identity and access management to cloud migration and connected devices, retired RSA CEO Art Coviello looks beyond the pandemic and says, "It's going to be a Roaring '20s for technology." But he also foresees a potentially calamitous decade for security.
FBI agent Elvis Chan dedicated four years to election security, and he doesn’t hesitate to say: The 2020 presidential election was "the most secure election of my career." He explains why, and what lessons learned we can apply to future elections.
As former U.S. cybersecurity coordinator in the Obama administration, Michael Daniel is well-versed in critical infrastructure vulnerabilities. Now, as president and CEO of Cyber Threat Alliance, he's working to bring the public and private sectors together to improve cybersecurity defenses.
As CISO of Johnson & Johnson, Marene Allison was used to gauging her security posture by the top threat activity: nation-state, cybercrime, insider or hacktivist. But in 2020, they all struck at once. Here is one CISO's take on the state of the industry.
If your organization connects to the internet, it is likely that you have exposed databases. Exposed databases are leading to endemic data loss across all businesses, with personal data, intellectual property and credentials being left unprotected till after a breach occurs. This means every business is living under...
As former CISO of Pacific Gas & Electric, Bernie Cowens knows plenty about cyber securing the nation's critical infrastructure. He shares his informed opinion on the Colonial Pipeline ransomware attack and what public and private sector entities must do to shore up key defenses.
President Joe Biden signed an extensive executive order Wednesday that describes the government's plan to increase cybersecurity protection across the public and private sectors as well as secure the nation's infrastructure against the type of attack that targeted SolarWinds and its customers.
The NSA is offering operational technology security guidance for the Defense Department as well as third-party military contractors and others in the wake of the SolarWinds supply chain attack. The agency notes that attackers could use IT exploits to pivot to OT systems.
The U.S. Cybersecurity and Infrastructure Security Agency and the National Institute of Standards and Technology have released a report providing insights on how to enhance supply chain security in the wake of the SolarWinds attack.
Does the West want to have its digital existence defined by adversaries, or is it ready to devote the time, resources, expertise and planning required to more fully take control of its evolving destiny? That's the techno-Darwinian call to arms issued by Jeremy Fleming, the director of Britain's GCHQ intelligence...
The U.S. Cybersecurity and Infrastructure Security Agency, Ivanti and FireEye report that federal agencies and other entities have been compromised by two attack groups, with one possibly acting on behalf of the Chinese government. The groups are exploiting vulnerabilities in Ivanti's Pulse Connect Secure.
A bombshell news report suggests that Dutch mobile network provider KPN in 2010 didn't know if one of its major equipment suppliers - China's Huawei - was spying on users. Viewed 11 years later, the report stands as a reminder to constantly review and address risks posed by suppliers.
Codecov, a company that tests software code prior to release, has notified customers that attackers had access to its network for a month and placed malware in one of its systems, which may have led to the exfiltration of customers' information.
The latest edition of the ISMG Security Report features an analysis of whether the FBI removing malicious web shells from hundreds of compromised Microsoft Exchange Servers could set a precedent. Also featured is a description of an unusual fraud scam plus an update on security product development trends.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.