The latest edition of the ISMG Security Report discusses global progress on adopting standard digital identifiers. Plus, a former cybercriminal discusses emerging fraud trends, and an update on the evolution of e-signatures.
Organizations deploying deception technology must make sure to integrate it with other technologies to reap the full benefits of intrusion alerts, says Anuj Tewari, global CISO at IT Services HCL Technologies.
An internal CIA report from 2017 - just released in heavily redacted form - found that the agency's failure to secure its own systems facilitated the massive "Vault 7" data breach that enabled classified information, including details of 35 CIA hacking tools, to be leaked to WikiLeaks.
A radiology technician allegedly inappropriately accessed thousands of patient records for more than eight years, according to a newly filed breach report from Kaiser Permanente Health Plan of the Mid-Atlantic States. The incident is yet another example of the challenges of dealing with insider threats.
A former IT administrator for an Atlanta-based building products distribution company has been sentenced to 18 months in federal prison after he sabotaged the firm by changing router passwords and damaging a critical command server. Overall, Charles E. Taylor caused more than $800,000 in damages.
Even in the best of economic circumstances, enterprises face risks of insiders stealing data or selling access to systems. But Joseph Blankenship of Forrester says the possibility of layoffs due to the COVID-19 pandemic puts enterprises at more risk of insider threats.
Forget "whitelists" and "blacklists" in cybersecurity. So recommends Britain's National Cyber Security Center, in a bid to move beyond the racial connotations inherent to the terminology. Henceforth, NCSC - part of intelligence agency GCHQ - will use the terms "allow list" and "deny list." Will others follow?
In trying economic times, it's more important than ever to be able to measure and communicate the effectiveness of one's cybersecurity program. Colin O'Connor, COO of ReliaQuest, offers a new alternative to traditional metrics.
The former vice president of finance at a Georgia-based medical supplies company has been charged with hacking into the firm's computers and "sabotaging" shipment of personal protective equipment in the midst of the COVID-19 crisis.
With the massive shift to telework as a result of the COVID-19 pandemic, shadow IT is becoming a more critical security issue around the world. Security experts offer tips on mitigating the risks involved.
The latest edition of the ISMG Security Report offers a discussion of the potential insider threats posed by the remote workforce during the COVID-19 crisis. Also featured: An update on payment fraud shifts and the long-term outlook for the cybersecurity market.
A global health crisis. A remote workforce. Economic uncertainty. These are key ingredients to fuel the insider threat. Randy Trzeciak of the CERT Insider Threat Center at Carnegie Mellon University offers tips for monitoring risky behavior and creating positive incentives to reduce risk.
The SEC has settled charges against two traders who were accused of profiting from the hacking of an SEC EDGAR system server in 2016. The Ukrainian man who allegedly hacked the system by bypassing its authentication control remains at large.