Big, bad bugs - including the likes of Heartbleed, BlueKeep and Drupalgeddon - never seem to burn out. Instead, they just slowly fade away, despite the risk that attackers will successfully exploit them to steal data, seize control of systems or deploy ransomware.
Exploring new ways to offer security as a service from his organization to external customers is an exciting challenge and opportunity, says Sean Mack, CIO and CISO of publishing company Wiley. He also discusses aligning security investments with the company's biggest business risks and goals.
Getting cybersecurity right means CISOs need peer relationships with other operations executives. CISOs need board access and a handle on the company business, writes Ian Keller, director of security at a telecom company. "And then you'll wake up and realize this is not as simple as it sounds."
As the world embraces renewables and green energy, is the energy sector properly learning from past cybersecurity mistakes? Rafael Narezzi, CTO of CF Partners, discusses current industrial cybersecurity shortcomings and the need for the industry to take a more mature and proactive approach.
Chaim Mazal, discusses the issues affecting CISOs, including how increased market share leads to increased problems and how having uniform, automated controls can provide security and enforce compliance.
The enterprise, workforce, attack surface and threat landscape all have transformed over the past two years. How has the concept of cyber resilience also transformed? Kris Lovejoy of Kyndryl shares insights on resilience maturity and why it's about recovery.
Four ISMG editors discuss important cybersecurity issues, including the hot topics at ISMG roundtable discussions - such as challenges around software supply chain security, highlights from ISMG's upcoming Healthcare Summit, and how some cybersecurity vendors are creating their own venture funds.
In today's extended enterprise, there are more endpoints than ever - and the adversaries will take advantage of any vulnerability. Nirav Shah of Cisco offers insights on the top five tips for defending these endpoints, as well as questions you need to be asking of prospective service providers.
Employees are leaving at an unprecedented rate. As a result, the Great Resignation has created more opportunities for data loss than ever before. According to the 2022 Voice of the CISO report, CISOs agree that protecting data has become an increased challenge. So, how do you protect your organization against data...
As this technology is automated, it can also scan more accesses because a new rule doesn’t need to be created for each access. You can jump from a 1% audit rate to a 99% audit rate.
CyGlass completed a management buyout from Nominet just two years after being acquired and wants to build an EDR stack via partnerships. Board and management changes at Nominet in 2021 resulted in the company returning to its registry roots and gave CyGlass workers the chance to buy the company.
Ransomware-wielding criminals constantly refine their behavior and tactics to maximize the chance of a payday, and recently they have been implementing fresh strategies for monetizing stolen data, says Steve Rivers at threat intelligence firm Kela.
"I'm concerned that at some point the Russians are going to launch cyber retaliatory attacks against the United States at election infrastructure and the transportation, financial and energy sectors," says Elvis Chan, supervisory special agent at the San Francisco Division of the FBI.
XM Cyber has purchased Cyber Observer to help customers ensure their security products are installed and configured correctly and not opening up potential attack vectors. The deal will help customers see both their areas of exposure as well as how their existing security controls can react.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.