In this post of his blog "A CISO's View," security director Ian Keller discusses the importance of having mechanisms in place to report potential personal compromise or potential compromise of another person in your company and provides simple steps for making security everyone's responsibility.
Former members of the defunct Conti ransomware group are continuing to ply their trade under a variety of other guises, including Royal and Black Basta. Thanks to their agile and innovative approaches, post-Conti operations are "stronger than ever," one ransomware expert reports.
Identity is more important than ever in today's "work from anywhere" world where the need for secure authentication has become paramount. Zero Trust Authentication complements security investments in EDRs, EPPs, SIEMs and existing SSOs and delivers a passwordless experience that drives productivity.
Learn about best practices for privileged access management (PAM) in the context of how you’d secure valuables in your own home. In this episode of The Drawing Board, our experts discuss three PAM controls for guarding the pathways leading to the most sensitive resources in your house:
Hardware-based authentication vendor Yubico plans to go public at an $800 million valuation by merging with a special purpose acquisition company. The Swedish firm said becoming publicly traded will accelerate Yubico's push to enter adjacent authentication markets and land clients in new verticals.
Further punishment of Moscow-based Kaspersky by the Biden administration could be the final nail in the coffin of the company's deeply wounded North American business. The U.S. Commerce Department is weighing enforcement action against the Russian cybersecurity giant under its online security rules.
In the latest weekly update, Venable's Jeremy Grant joins ISMG editors to discuss how to defend against the increasing use of MFA fatigue attacks, takeaways from a recent U.S. probe into compliance issues related to Login.gov services and the latest updates on the Improving Digital Identity Act.
Warning to criminals: Could that cybercrime service you're about to access really be a sting by law enforcement agents who are waiting to identify and arrest you? That's the message from British law enforcement agents, who say they're running multiple DDoS-for-hire sites as criminal honeypots.
The economic downturn has laid bare just how much of a disaster special purpose acquisition companies have been for the cyber industry. Despite this, confidential computing security vendor Hub decided to try its luck with a SPAC. So far, Hub's time on the Nasdaq Stock Exchange hasn't gone well.
A lack of visibility makes it nearly impossible to protect an organization against attack. If you can't see what's lurking in the dark corners of your environment, all you can do is react instead of actively identifying and mitigating risks. But some technologies can help with threat visibility.
In his latest rant, Ian Keller, the Troublemaker CISO, decries lazy and bad coding practices, mistakes CISOs may make and unwarranted CISO-blaming by the media, unanswered requests for more funding and staff - and the epic failures all these can produce when a breach happens, as it inevitably will.
Apple is advancing plans to allow Europeans to access third-party app stores via their iPhone and iPad, as will soon be required under European law. What this means in practice for its vaunted walled garden security model, and whether most users will bother, remains unclear.
As the world looks into adapting 5G and studying 6G, satellite IoT is opening a new front for connectivity. There will be a demand for more LEO-based satellites for low-power communication, and these satellites will require completely new kinds of security, says Krishnamurthy Rajesh of GreyOrange.
The stark consequences of ransomware became painfully clear in Australia this week as attackers began releasing data from health insurer Medibank, one of the country's largest health insurers. Also, leaked chat logs reveal how the attackers accessed Medibank's systems.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.