More organizations are using attack path management to simulate how attackers will likely break into any given environment, to help IT and security teams better allocate resources and prioritize remediation efforts to optimize their defenses, says Paul Giorgi of XM Cyber.
Top Russian diplomat Andrei Krutskikh is pressuring the U.S. to back down in cyberspace after the director of U.S. Cyber Command, Army Gen. Paul Nakasone, acknowledged America has conducted a "full spectrum" of virtual operations in support of Ukraine.
The COVID-19 pandemic has accelerated the migration to the cloud for many organizations, and there have also been challenges associated with securing hybrid or multi-cloud environments, according to Omdia Senior Principal Analyst Fernando Montenegro.
Crum & Forster CISO Chris Holden has helped organizations respond to many breaches over the years, and through this experience he has developed an excellent sense of who companies should call first and have on their response team if they suspect that a security incident has taken place.
While ransomware, third-party risk, phishing scams and insiders continue as the top threats facing healthcare and public health entities, the sector overall is becoming better prepared to deal with these issues than it was just a few years ago, says Denise Anderson, president and CEO of H-ISAC.
Customers, channel partners and technology partners are dealing with a broad range of security concerns spanning the gamut from the sophistication of the threat landscape to the skills shortage. John Maddison, Fortinet's CMO and EVP, products breaks down the most urgent priorities.
Cyber adversaries are embracing defense evasion, triple extortion, wiper malware and the accelerated exploit chain, and that is significantly reshaping the threat landscape that CISOs have to deal with, according to Derek Manky, head of Fortinet's FortiGuard Labs.
One of the most important recent developments by CISA has been the creation of the Joint Cyber Defense Collaborative, which is focused on operational private-public collaboration, says Kiersten Todt, CISA chief of staff.
As the dwell time between when hackers compromise a system and when they trigger a ransomware attack has grown, victims have a little more precious time to detect and stop these attacks "before the worst happens," says Chet Wisniewski, principal research scientist at Sophos.
The Cyber Threat Alliance just celebrated its fifth birthday, and President and CEO J. Michael Daniel says the membership and information sharing both are growing at an impressive pace. He discusses the surge in ransomware and how organizations should respond.
There's good news and bad news regarding the current state of COVID-19 and its impact, says Regina Phelps, founder of Emergency Management and Safety Solutions Inc. "The rest of the world has moved on, she says, "but … we have a lot more infection and the opportunity for new variants."
The 15th edition of the annual Verizon Data Breach Investigations Report examines the rapid growth in ransomware, along with other threat vectors. Chris Novak, global director of the Threat Research Advisory Center at Verizon Business Group, discusses key findings and reviews the security landscape.
The latest edition of the ISMG Security Report discusses how security researchers have warned of a new attack campaign targeting 1,200 cloud-based Elasticsearch databases. It also revisits the Kaseya supply chain attack and examines how we can mitigate mobile phone fraud.
Memo to IT administrators: Don't store data in cloud in an unsecure manner. Security researchers at Secureworks have found more than 1,200 cloud-based, unsecured Elasticsearch databases that attackers wiped, leaving only a ransom note demanding Bitcoin in return for their restoration.
The healthcare sector is still behind many other critical infrastructure sectors in implementing critically important security technologies to protect against the rise in potentially devastating cyber incidents, says threat intelligence analyst Christiaan Beek of security firm Trellix.