This edition of the ISMG Security Report features an analysis of key takeaways from the breaches tied to flaws in the Accellion File Transfer appliance. Also featured: Equifax CISO Jamil Farshchi on transforming supply chain security, plus an analysis of how "work from anywhere" is affecting cybersecurity.
Researchers with Microsoft and FireEye are disclosing additional malware used by the hacking group that targeted SolarWinds last December. These second-stage malware variants appear to have been deployed after organizations downloaded the "Sunburst" backdoor hidden in a software update.
Traditional perimeter-based IT security models aren’t well suited for today’s world of cloud services and mobile users. Savvy attackers can breach enterprise networks and fly under the radar for weeks or even months.
Threat actors always find new and innovative ways to penetrate networks, steal data, and disrupt...
Disruption is happening on an unprecedented scale in financial services—from the competitive landscape to natural disasters to cyber threats to new technologies. No matter what happens, customers and regulators expect your operations to remain steady and reliable. Find out how to move quickly and seamlessly to...
Today’s financial institutions struggle to adequately manage risk and ensure. compliance with applicable regulatory requirements. Learn how to establish effective, efficient, and resilient organizations by connecting systems and managing risks across the enterprise.
Operational Resilience is the ability of an organization to continue to serve its customers, deliver products and services, and protect its workforce in the face of adverse operational events by anticipating, preventing, recovering from, and adapting to such events. Learn the key steps you can take today.
The Financial Services industry operates in a unique business environment with very particular requirements. Providing critical services that handle large volumes of sensitive and valuable data while meeting strict regulations for security and privacy can present significant challenges.
The oil and gas industry continues to be an attractive target
for cyber criminals, making it essential for companies to
adopt a more proactive approach to cyber defense.
Download this case study to learn more about:
How combining industry experience with the right technology can help your organization;
This multinational pharmaceutical
company’s supply chain was distributed
across multiple manufacturing plants
and countries. While it had a good
understanding of the number of OT devices
on its networks, it wasn’t able to clearly
see how assets were communicating and
where vulnerabilities and risks...
In the new world of increased cyber risk, approaches that bridge the
IT/OT divide are no longer optional – they’re mission critical. Executive
leadership expects CIOs and CISOs to anticipate and stay ahead of the
enterprise-wide threat landscape, including oversight of cyber risks
related to industrial...
Digital risk is everyone’s business, from the CEO to the end user. Yet in
many organizations, it’s the IT department that is tasked with managing
and minimizing it.
Gartner predicts that by 2023, 75% of organizations will expand their risk
management programs to address new cyber-physical systems...
As society deals with the second year of the COVID-19 pandemic,
organizations are accelerating digitization to survive and thrive. This
places more focus on operational systems, which are at the heart of
value and revenue creation.
Adding to challenges, cybersecurity is ranked by executives as the
Cyber-criminals have become thoughtful about ransomware attacks; taking time to maximize your organization’s potential damage and their payoff. Protecting your network from this growing threat is more important than ever. And nobody knows this more than Roger Grimes, Data-Driven Defense Evangelist at KnowBe4.
The U.S. National Security Agency has issued "zero trust" guidance aimed at securing critical networks and sensitive data within key federal agencies. The NSA adds it is also assisting Defense Department customers with the zero trust implementations.
A pair of U.S. House committees held their first public hearings into the SolarWinds attack, with lawmakers and witnesses offering support for expanding federal cybersecurity laws to address the security failures. This includes a larger role for CISA to conduct threat hunting.