In light of the SolarWinds supply chain breach and other security incidents, the United States has substantial work to do in building a resilient digital infrastructure, says David Forscey of the Aspen Cyber Group, who outlines a five-step road map.
In his first remarks about the massive hacking operation that leveraged a tainted SolarWinds Orion software update, President Donald Trump on Saturday downplayed the seriousness of the incident and contradicted Secretary of State Mike Pompeo, who had pointed a finger at Russia.
The NSA has issued a warning about two hacking techniques that could allow threat actors to access cloud resources by bypassing authentication mechanisms. The alert follows a week's worth of revelations over the SolarWinds breach that has affected government agencies and other organizations.
The latest edition of the ISMG Security Report features an analysis of what we know so far about the impact of the SolarWinds supply chain hack and how to respond.
A Deloitte survey has revealed that more than 90% of C-level executives slate less than 10% of their cybersecurity budgets to digital transformation projects.This large gap between budgets and technologies creates a cyber vulnerability, where the newest and least understood digital systems are potentially unmonitored...
Following the discovery that attackers Trojanized SolarWinds' Orion software, expect the list of organizations that were running the backdoored network-monitoring tool to keep increasing. But with this being a suspected cyberespionage operation, attackers likely focused on only the juiciest targets.
Five U.S. government agencies have been hit so far via a sophisticated supply chain attack. The intrusions appear linked to subverted software updates for SolarWinds' Orion network monitoring product, which is widely used by businesses and the U.S. government.
A Florida-based company that provides support services to hundreds of dental practices in 20 states says it's been hacked, exposing information - including payment card numbers - on more than 1 million patients.
The past year has been marked by economic uncertainty stemming from the global pandemic, which has also created an expanded remote workforce and broadened the attack landscape.
Are insurers getting cold feet over covering losses to ransomware? With claims due to ransomware skyrocketing, some insurers have reportedly been revising offerings to make it tougher for companies to claim for some types of cybercrime, including extortion.
It's understood: Ongoing monitoring of third party relationships is mission-critical. But what constitutes ongoing monitoring? Who should own it? Who should do it? Todd Boehler of ProcessUnity addresses these questions and more.
With over 85,000 third parties ingested and nearly 4,000 third parties assessed, CyberGRX is using this important data to inform the industry and organizations around the world of third-party risk insights and trends.
This white paper gives invaluable insight into topics such as:
Which industries are the most...
With insufficient intelligence, threat teams do not have the details to make appropriate assessments and recommendations.
Read this whitepaper to learn how your organization can:
Gain visibility of your extensive third parties
Employ machine-speed behavioral analytics, and collaborative analysis in...
Based on the threats and tactics unleashed in 2020, cybersecurity promises to be a top-of-mind business risk for the next president to manage. Bill Swearingen of IronNet Cybersecurity reflects on a virtual roundtable discussion about what to expect over the next four years.
The U.S. Government Accountability Office is urging policymakers to adopt coordinated cybersecurity monitoring of 5G networks, to ensure a safe rollout of the new technology.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.