Content by Cal Harrison

Efficient Management of Enterprisewide Data Protection

Cal Harrison  •  May 8, 2023

Over the years, most organizations acquire multiple tools for protecting data but a variety of personnel and policies make it difficult to manage enterprisewide. Skyhigh Security’s Nate Brady says it’s time to look into the latest security service edge and secure access service edge solutions.

Harnessing Identity Data on Your Journey to Zero Trust

Cal Harrison  •  May 1, 2023

Identity and access management technology has been around for decades, but identity-related breaches happen every day. The problem is not the underlying system. It’s whether organizations can take advantage of the wealth of data within their systems, says Radiant Logic's Wade Ellery.

Poorly Set Server, Human Error Blamed for DC Health Breach

Cal Harrison  •  April 19, 2023

House Oversight Committee members on Thursday called for the firing of whoever caused the DC Health Benefit Exchange breach and exposed the personal information of Congress members on a dark web forum. The breached was blamed on "human error" and a server configured with no authentication controls.

Overcoming Federal Sector Compliance Regulation Challenges

Cal Harrison  •  April 5, 2023

The sheer volume of federal regulations in place makes it almost impossible for agencies to monitor and comply with all of them, much less understand the impact of new ones. Nick Graham of Skyhigh Security explores the many compliance challenges - and how to overcome them.

Lawmakers Weigh Laws Proposed in Biden's Cyber Strategy

Cal Harrison  •  March 23, 2023

Members of a U.S. House subcommittee got their first look at the Biden administration's new national cybersecurity strategy and quizzed the White House cybersecurity director on the timeline, proposed regulations and incentives for private businesses.

CISA Alert: 4-Year-Old Software Bug Exploited at US Agency

Cal Harrison  •  March 15, 2023

U.S. cybersecurity officials on Thursday issued an alert about a 4-year-old software vulnerability that has been exploited by hackers, including one APT group, in a federal civilian agency. Users are advised to immediately apply the software patch to the Progress Telerik UI for ASP.NET AJAX.

10 Belt-Tightening Tips for CISOs to Weather the Downturn

Anna Delaney , Cal Harrison  •  February 28, 2023

With signs pointing to a global economic downturn, cybersecurity organizations are already thinking about managing budgets and doing more than less. Four CISOs share a wide range of belt-tightening tips, from putting the squeeze on your vendors and suppliers to training and hiring from within.

Data Protection: Data Has No Jurisdiction

Cal Harrison  •  February 17, 2023

In this podcast, Rodman Ramezanian, global cloud threat lead at Skyhigh Security, discusses why the risk of data breaches is so high, how security teams can protect data wherever it resides, and why security leaders should embrace a new mindset for data protection.

Ransomware Hit on ION Group Delays EU Derivatives Trades

Cal Harrison  •  February 1, 2023

Attackers this week locked up the business of London-based ION Cleared Derivatives, a software firm that supports derivatives trading, forcing major European banks to process trades manually and prompting a major futures exchange to delay the settlement of trades for two hours.

Facebook, Instagram Blasted for 'Lame' Security Practices

Anna Delaney , Cal Harrison  •  January 26, 2023

Meta's popular social media platforms are increasingly being targeted by cybercriminals, and account takeover complaints rose over 1,000% last year. This social threat is spilling over into banks and government agencies, and experts criticize Meta for moving too slowly to address security issues.

Leaked Emails of 200M Twitter Users Now Available for Free

Cal Harrison  •  January 4, 2023

A member of a criminal data breach forum that tried to sell the email addresses of 400 million Twitter users to CEO Elon Musk last month has now posted the stolen data for anyone to download for free. The 63GB of data includes names, handles, creation dates, follower counts and email addresses.

A Look Ahead: Cybersecurity Trends to Watch in 2023

Anna Delaney , Cal Harrison  •  December 26, 2022

Information Security Media Group asked some of the industry's leading cybersecurity experts about the trends to watch in 2023. Responses covered a variety of emerging threats and evolving trends affecting security technologies, leadership and regulation. Here is a look at the year ahead.

Could a Digital Red Cross Protect Hospitals From Ransomware?

Cal Harrison  •  November 9, 2022

The Red Cross symbol has marked people and facilities off-limits to attack across a century of wars, but security experts are skeptical about a proposal to create a digital Red Cross marker to protect healthcare and humanitarian groups from cyberattacks. The reason? You can't trust cybercriminals.

Should Public Utilities Get Paid to Secure the Power Grid?

Cal Harrison  •  October 6, 2022

Made up of 3,000 public utilities, the U.S. power grid has many weak links in its cyber defenses. Regulators can fine utilities for service outages, but a proposed federal program and recent Purdue University study say financial incentives will help firms make the right security investments.

Digital Identity Bill Passes Key Senate Milestone

Cal Harrison  •  October 3, 2022

A Senate committee this week approved a bill that would create governmentwide standards for identity verification and provide grants to help states and local agencies upgrade ID systems and offer online digital identity services. Supporter Jeremy Grant hopes to see a full Senate vote in 2022.