Bridging Workforce Gap with Diversity, Equity & Inclusion

Rashmi Ramesh • December 9, 2021

In 2021, the supply of cybersecurity professionals increased across the globe, with the exception of the Asia-Pacific region and some parts of Europe, says (ISC)² CEO Clar Rosso. She discusses factors behind the workforce gap and how a diverse team can improve resolution of cybersecurity problems.

►

Breach Notification

A Security Strategy for the Blockchain

Latest

Fraud Management & Cybercrime

Cyber Incident Reporting Mandate Excluded From Final NDAA

Dan Gunderman • December 8, 2021

Congressional negotiators have scrapped a provision in the must-pass defense spending bill that would have required owners and operators of critical infrastructure to report cybersecurity incidents and ransom payments made to criminal gangs.

Critical Infrastructure Security

National Cybersecurity and the Broader Threat Spectrum

Brian Barnier • December 8, 2021

Critical thinking, systems thinking and design thinking are important elements missing in cybersecurity education today. In this interview, Dan Faughnan, ex- Canadian Security Intelligence Service, discusses how thinking about cyber as part of a broader threat spectrum relates to national security.

Application Security

ISMG's King Appointed to Forbes Technology Council

Tom Field • December 8, 2021

Steve King, director of cybersecurity advisory services for ISMG's CyberTheory, has just been appointed a member of the Forbes Technology Council. He discusses the role, his passion for Zero Trust and new initiatives to expect from CyberTheory in 2022.

Governance & Risk Management

HHS Launches Repository for Health Sector Cybersecurity Help

Marianne Kolbasuk McGee • December 8, 2021

The Department of Health and Human Services has launched a new cybersecurity resource website aimed at helping healthcare and public sector entities of all sizes and types to better deal with the ever-evolving cyberthreat landscape.

Application Security

Going Inside the Mind of an Ethical Hacker

Anna Delaney • December 6, 2021

Casey Ellis, founder and CTO of Bugcrowd, shares insights from the company's annual report, Inside the Mind of a Hacker 2021, which reveals that 8 out of 10 ethical hackers recently identified a vulnerability they had never seen before.

Access Management

Missouri Governor's Hack Accusation Loses Steam

Jeremy Kirk • December 6, 2021

In October, Missouri's governor accused a journalist of hacking after he alerted the state to exposed personal information on a state education website. Now, emails reveal that state planned on thanking him before it chose to pursue prosecution and that the FBI immediately dismissed the incident.

Endpoint Security

Report: NSO Group Spyware Found on State Department Phones

Dan Gunderman • December 3, 2021

Spyware from sanctioned Israeli firm NSO Group has reportedly been detected on at least nine iPhones belonging to U.S. State Department officials with "state.gov" email addresses, who are located in Uganda or whose work focuses on Uganda, according to Reuters.

Account Takeover Fraud

ISMG Editors: Are We Close to Cracking Cybercrime Ecosystem?

Anna Delaney • December 3, 2021

In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how the FBI has seized bitcoins from an alleged REvil ransomware affiliate, how to mitigate risks from BIN attacks and the latest COVID-19 trends globally.

Business Continuity Management / Disaster Recovery

Need to Negotiate a Ransomware Payoff? Newbies: Start Here

Anna Delaney • December 3, 2021

The latest edition of the ISMG Security Report features an analysis of best practices for negotiating a ransom payment. Also featured: Busting Zero Trust myths and the dangers of mythologizing defenders.

Access Management

The ROI of Shift-Left Automated Testing

Information Security Media Group • December 1, 2021

Forrester evaluates the benefits of automated testing for the mainframe.

Access Management

The Evolution of Privileged User Monitoring for Mainframes

Information Security Media Group • December 1, 2021

Learn how the latest advances in privileged user monitoring can close windows of opportunity for attackers and keep business-critical data safe from credential theft, lateral attack movement, ransomware, and other threats.

Cyberwarfare / Nation-State Attacks

How to Stop a Potential Ransomware Attack Before it Happens

Information Security Media Group • December 1, 2021

In this on-demand webinar, you’ll learn how you can get out in front of the ransomware threat to stop hackers from locking down your data in the first place.