Charles Gillman, head of information security at Moula Money and executive member of the CyberEdBoard

How to Save Money on Pen Testing - Part 1

Charles Gillman • November 24, 2021

The findings from a penetration test can help you identify risks and gaps in your security controls. Charles Gillman offers tips to maximize the value of your next pen test and, in the process, deliver better results.

►

3rd Party Risk Management

Digitizing and Securing Norway's Railway Network

Latest

Cybercrime

The Best Gift for the Holidays? An Incident Response Plan

Anna Delaney • November 26, 2021

In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including why security teams are still unprepared for cyberattacks over weekends and holidays, which experts warn is when attackers love to strike.

Endpoint Security

Medical Data Exposed in Breach at True Health New Mexico

Jeremy Kirk • November 26, 2021

A health insurer in New Mexico is warning of a data breach that exposed customers' personal and medical information. True Health New Mexico reports that nearly 63,000 individuals' personal details were exposed in the "early October" incident. It's offering all victims prepaid credit monitoring services.

3rd Party Risk Management

Essential Preparations for the Holiday Season Attack Surge

Anna Delaney • November 26, 2021

The latest edition of the ISMG Security Report features an analysis of how organizations can reduce risk especially over holidays and weekends, when attackers are most likely to strike. Also featured: Highlights from Ireland's IRISSCON 2021 cybercrime conference; what's ahead for COVID-19 and the workplace?

Critical Infrastructure Security

Cybersecurity Unplugged: Improving Healthcare Security

Steve King • November 26, 2021

In this episode of "Cybersecurity Unplugged," Dan Bowden, CISO at Sentara Health, discusses telemedicine, IoMT, and explains why we’re lagging so far behind in healthcare security. "It’s because of how the data is managed, data standards, data integrity."

Cybercrime

Ransomware: Best Practices for Negotiating a Ransom Payment

Mathew J. Schwartz • November 25, 2021

No ransomware victim ever wants to pay a ransom. But if for whatever reason they choose to do so, multiple tactics can help them negotiate down initial demands by 50% or more. So say two researchers at NCC Group's cybersecurity division Fox-IT, based on their review of over 700 ransomware negotiations.

Business Continuity Management / Disaster Recovery

COVID and the Holidays: What You Need to Know

Tom Field • November 23, 2021

COVID-19 deaths are down in some parts of the U.S., but infection rates are up. What does this mean as the nation kicks off its holiday season with Thanksgiving? Pandemic expert Regina Phelps shares insight on how to approach the holidays and what it will take to attain an endemic state.

3rd Party Risk Management

US Cybersecurity Alert: Hackers Won't Respect Thanksgiving

Mathew J. Schwartz • November 23, 2021

The U.S. government warns all businesses that they're at elevated risk of online attacks during Thanksgiving, given attackers' proclivity to strike on weekends and holidays. The alert is a reminder of the importance of having in place well-practiced incident response plans. Here's where to start.

Cybercrime

Cybersecurity Unplugged: Start on the Zero Trust Journey

Steve King • November 23, 2021

Drawing on his deep background in technology, government and law, cybersecurity adviser Tony Scott delves into many pressing issues in cybersecurity today - including zero trust. In this episode of "Cybersecurity Unplugged," he says organizations should get started on the journey now.

3rd Party Risk Management

Healthcare's Biggest Security Challenges and Frustrations

Marianne Kolbasuk McGee • November 23, 2021

Many healthcare entities are resistant to implement multifactor authentication, and that is among the most frustrating critical security mistakes that organizations in that sector make, says Tom Walsh, founder of security consultancy tw-Security.

3rd Party Risk Management

ISMG Editors: Cyberspace Solarium Commission Updates

Anna Delaney • November 19, 2021

In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the status of the recommendations of the Cyberspace Solarium Commission today and what still needs to be enacted by the current Congress, addressing the increasing challenge of cyberattacks...

Business Continuity Management / Disaster Recovery

Ransomware Attackers: 'No Days Off!'

Tom Field • November 19, 2021

We know they are coming, and yet we are still ill-prepared. Cybereason surveyed 1,200 global cybersecurity professionals on ransomware. And while most are concerned about attacks, nearly one-quarter have no contingencies for weekends and holidays - the favored strike time. Sam Curry explains why.

Cybercrime

The Ransomware Files, Episode 2: Bridging Backup Gaps

Jeremy Kirk • November 19, 2021

This is the second episode of "The Ransomware Files," a podcast miniseries focused on stories of resilience in the fight against ransomware. An Australian company, Matthews, saw its backups corrupted and attackers release its data. The company recovered however, and has greatly improved its IT security defenses.