Patricia Muoio, partner, SineWave Ventures

Are We Doomed? Not If We Focus on Cyber Resilience

Steve King • January 30, 2023

In this episode of "Cybersecurity Unplugged," Patricia Muoio, a partner at SineWave Ventures, discusses the need for cyber resilience as security leaders face the inevitable stream of cybercrimes, how to achieve it through a zero trust approach, and how CISOs and the government can help.

Artificial Intelligence & Machine Learning

Lessons to Learn From CircleCI's Breach Investigation

Latest

Identity & Access Management

Okta Exec Sagnik Nandy on Protecting the Extended Workforce

Michael Novinson • January 31, 2023

The guardrails organizations use to protect employee identities are often ineffective for contractors, business partners or vendors since they bring their own devices. Many businesses struggle to implement identity safeguards in a setting that's more heterogeneous and offers fewer controls.

Breach Notification

ITRC Breach Report: Lack of Transparency, Details Worsen

Anna Delaney • January 31, 2023

The Identity Theft Resource Center's 2022 Annual Data Breach Report reveals a near-record number of compromises - the second-highest number in 17 years. ITRC COO James Lee worries that a sudden lack of transparency in breach notices is creating more risk for consumers.

Customer Identity & Access Management (CIAM)

Founder Sachin Nayyar Back as CEO of Identity Vendor Saviynt

Michael Novinson • January 31, 2023

Saviynt has brought founder and longtime leader Sachin Nayyar back as its chief executive to govern access around privileged, machine and third-party identities. Saviynt wants Nayyar to implement a strategy that incorporates everything from critical apps and cloud workloads to IoT devices and bots.

Critical Infrastructure Security

Russian Sandworm APT Adds New Wiper to Its Arsenal

Mihir Bagwe • January 31, 2023

Security researchers say they found the Russian intelligence-linked Sandworm threat actor deploying a novel disk wiper against an energy sector company located in Ukraine. Data wipers have played a key role in Russia's hacking campaign against Ukraine.

Governance & Risk Management

Tenable's $25M Venture Capital Fund Seeks Early-Stage Firms

Michael Novinson • January 30, 2023

Tenable has debuted a $25 million corporate investment program to support prevention-focused startups focused on technologies such as cloud, OT and identity. The Baltimore-area exposure management vendor says Tenable Ventures plans to scour Israel and the United States for startups.

Fraud Management & Cybercrime

ISMG Editors: Why Are Ransomware Profits Dipping?

Anna Delaney • January 27, 2023

In the latest weekly update, four ISMG editors discuss why it pays off to have well-practiced incident response plans, whether ChatGPT is a blessing or a curse for penetration testers and bug bounty hunters, and how Microsoft has reason to be cheerful as security sales hit $20 billion.

Next-Generation Technologies & Secure Development

Venture Capitalist: Now Is an Ideal Time to Invest in Cyber

Tom Field • January 26, 2023

Valuations are down, some companies have left the market altogether, and some even have announced deep rounds of layoffs. Yet, Alberto Yépez of Forgepoint Capital retains optimism for the cybersecurity marketplace in 2023 and says now is the ideal time to be ramping up investments in innovation.

Privileged Access Management

Delinea Snags David Castignola as CRO to Push Beyond Banking

Michael Novinson • January 25, 2023

Privileged access management vendor Delinea has hired longtime RSA sales leader David Castignola to expand beyond North America as well as in nonregulated industries. Delinea hopes to increase sales beyond verticals such as financial services, banking, healthcare, insurance and the public sector.

Cloud Security

Microsoft 365 Cloud Service Outage Disrupts Users Worldwide

Mathew J. Schwartz • January 25, 2023

Microsoft blamed an internal network configuration change for outages that disrupted access to Microsoft 365 services, including Microsoft Teams and Outlook, for users around the world. The change has been rolled back and additional infrastructure added to speed restoration, it says.

Fraud Management & Cybercrime

ISMG Editors: Why Is LockBit Ransomware Group So Prolific?

Anna Delaney • January 20, 2023

In the latest weekly update, ISMG editors discuss why being a CISO is like being the first family doctor in a small village, why you can't trust ransomware gangs such as LockBit, and why cloud security vendor Netskope took on $401 million in debt from Morgan Stanley to fuel its SASE offering.

Open XDR

eSentire CEO Kerry Bailey on Using XDR to Cut Business Risk

Michael Novinson • January 20, 2023

eSentire has used the $325 million it received in February to leverage data from its Atlas XDR platform and strengthen customers' positions around cyber resiliency. The Kitchener, Canada-based company has shifted its focus from alerts and data to business worries and business risk.

3rd Party Risk Management

BlueVoyant CEO on How to Remediate Supply Chain Defense Bugs

Michael Novinson • January 19, 2023

BlueVoyant has strengthened its ability to monitor the remediation of supply chain issues and integrate that with questionnaire activity, CEO Jim Rosenthal says. Existing supply chain tools tend to generate lots of risk information but then put the burden on the client to interact with suppliers.