Bobby Ford, CISO of Unilever, a multinational consumer goods firm, says the shift to a work-from-home environment requires an intensified focus on email security as well as identity and access management.
The latest edition of the ISMG Security Report sizes up progress made so far on identity management and the work yet to be done. Also featured: how security concerns are holding back IoT projects and the privacy issues raised by recording videoconferences.
A radiology technician allegedly inappropriately accessed thousands of patient records for more than eight years, according to a newly filed breach report from Kaiser Permanente Health Plan of the Mid-Atlantic States. The incident is yet another example of the challenges of dealing with insider threats.
Fraudsters are using fake VPN update alerts to target remote workers in an effort to steal their Microsoft Office 365 credentials, according to the security firm Abnormal Security.
Researchers at the security firm Trustwave have disclosed six vulnerabilities in SAP Adaptive Server Enterprise 16.0 (ASE) database software, with two rated as critical. These two vulnerabilities could enable attackers to perform arbitrary code execution and tamper with a system's data.
Two ransomware incidents recently reported to federal regulators as health data breaches illustrate that the surge in such attacks shows no signs of abating. Security advisers offer risk mitigation tips.
Thousands of unpatched Exim email servers are potentially vulnerable to a critical flaw that the NSA says Russian-backed hackers are attempting to exploit, according to the security firm RiskIQ, which also warns of two other Exim vulnerabilities that should be patched.
Stress levels for CISOs are increasing as they deal with emerging security issues during the COVID-19 pandemic. So it's more important than ever to make communication and diplomacy a top priority to help facilitate a team approach to security, says training specialist Keil Hubert.
Not all data breaches are what they might seem, and not all leakers are who they might claim to be. Take the doxing of the Minneapolis Police Department, supposedly by Anonymous hacktivists: The leaked employee information was almost certainly culled from old breaches. So who did it, and why?
Organizations have undergone rapid network transformation in the last two months, and though the change has now stabilized into a new normal, new security concerns that affect an organization's overall risk often have not been addressed. Now that the dust has settled, many leaders are examining the transformation and...
U.S. federal agencies reported 8% fewer cybersecurity incidents in 2019 compared to the previous year, according to the White House's Office of Management and Budget. But 71 audits of agencies' "high-value assets" showed many remain susceptible to attacks because of a lack of security measures.
A lawsuit seeking class action status has been filed against Atlanta-based Aveanna Healthcare in the wake of a 2019 data breach at the pediatric home healthcare provider that affected more than 166,000 individuals.
As organizations assess the long-term implications of a remote workforce, it's clear that SD-WAN technology will play an increasingly important role, says Renee Tarun of Fortinet, who discusses the way forward.
The developers behind TrickBot have updated it to run from an infected device's memory to help better avoid detection, according to researchers at Palo Alto Network's Unit 42. The use of this malware has increased during the COVID-19 pandemic.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
