Upcoming enterprise IoT ecosystems and conventional OT networks share similar security challenges, and as the two converge, organizations need to re-evaluate core security processes, says Richard Bussiere of Tenable Network Security.
It's déjà vu "FBI vs. Apple" all over again, as Reuters reports that the Justice Department is seeking to compel Facebook to build a backdoor into its Messenger app to help the FBI monitor an MS-13 suspect's voice communications.
While IT and OT integration has brought about new levels of operational efficiency, it has also introduced serious cyber risks that conventional IT security approaches might fail to address, says IBM Security's Paul Garvey.
Over the past year, financial services organizations have seen an 87% increase in credential leakage, 149% increase in stolen credit cards, 151% increase in cyberattack indications and 49% increase in fake social media accounts. In addition, state-sponsored APT groups (with little to no financial motivation) have...
A cryptocurrency investor is suing AT&T for $240 million, alleging he lost $24 million in virtual currency after the carrier failed to stop two separate attacks where his phone number was commandeered by attackers. The incident highlights the dangers of using a phone number as an authentication channel.
SIEM (security information and event management) software offers a lot of promise, but legacy SIEMs simply can't keep up with the rate and sophistication of today's cyberattacks. Organizations today require access to analytics-driven SIEMs that combine a big data platform that is optimized for machine data with...
On May 25, 2018, per the General Data Protection Regulation (GDPR), organizations with business ties to the European Union will need to comply to GDPR standards. The cost of non-compliance are stiff fines. The GDPR contains nearly 100 separate and nuanced articles that can be difficult to understand even if you are a...
IT teams at regional banks and credit unions are stretched thin. They're expected to meet compliance obligations while simultaneously taking care of cyberthreats. This is particularly true for mid-sized institutions without resources dedicated to security or compliance, putting them at risk.
What options do...
Ransomware. Phishing. Credential stuffing. These are among the top threats to financial institutions of all sizes. But small-to-midsized ones are particularly challenged to detect and respond to threats. Arctic Wolf's Todd Thiemann discusses the value of managed detection and response.
As the HIPAA security rule turns 20, it's time for regulators to make updates reflecting the changing cyberthreat landscape and technological evolution that's happened over the past two decades, says security expert Tom Walsh.
Real-world incidents prove over and over again that many of the most widespread issues still stem from a lack of basic cyber hygiene. This report looks at where organizations are falling on the basics and outlines steps for establishing a strong foundation for security.
Download this industry-leading report to...
Although there's widespread agreement that addressing security early in the software development cycle is an essential component to any breach prevention strategy, implementing DevSecOps can prove challenging.
Securing the public cloud is not as challenging as it used to be, but too many organizations are still taking the wrong approach, says Microsoft's Jonathan Trull. Understanding the shared responsibility model for security is critical, he says.
Security silos persist because stakeholders within the enterprise security ecosystem are focused on their own key performance indicators, says Abdallah Zabian of DXC Technology, who suggests a more holistic approach is needed.