Advanced attacks are out, while persistent, relatively simple attacks are in. Despite all of the APT hype in recent years, cybercriminals, and especially nation-state attackers, prefer to keep things simple. Information security experts explain why.
The FBI calls ransomware "a prevalent, increasing threat." One recent campaign earned at least $325 million in global profits, while U.S. victims tell the FBI they paid $24 million in ransoms in 2015. And attackers are plowing profits back into improving their malicious code.
Although relatively few carriers offer cyber insurance, buyers can negotiate favorable terms when purchasing policies, say Experian's Michael Bruemmer and NetDiligence's Mark Greisiger, who explain why in this interview.
Because of growing cybersecurity concerns, CISOs in the financial sector finally are getting more time with their boards of directors and more direct interaction with senior executives, says John Carlson, chief of staff at the Financial Services Information Sharing and Analysis Center.
The big-name breaches have made us all sensitive to the loss of personal and competitive data. But are we overlooking the real risks? Shawn Henry of CrowdStrike offers insight on how we need to evolve our core defenses.
An estimated half of all ransomware infection victims give in to criminals' ransom demands, thus enticing attackers to refine and continue their campaigns, warns Intel Security's Raj Samani in this video interview.
Malwarebytes has long been a force in the consumer space, but now its focus is on enterprise breach remediation. In this video interview, Pedro Bustamante explains the enterprise strategy and discusses proactive malware hunting.
Healthcare organizations must take several important steps to protect their environments against ransomware attacks, says Mac McMillan, CEO of the security consulting firm CynergisTek. He outlines key measures in this interview.
It's springtime in San Francisco: cue the annual RSA Conference. Here are some notable trends that have already emerged from the event, ranging from ransomware and phishing attacks to hacker self-promotion and Facebook fakery.
Despite the pervasiveness of data breaches, healthcare organizations are still playing catch-up on implementing strong, risk-based security programs, rather than focusing solely on HIPAA compliance, says David Finn of Symantec. He offers a preview of his session at the HIMSS 2016 Conference about a new survey.
While the healthcare sector is finally becoming aware of the cyberthreats and risks facing medical devices, new Internet of Things health devices are quickly creating new vectors for cyberattacks, warns cybersecurity expert Tyler Cohen Wood.
"We never negotiate" might be the expectation whenever law enforcement or government agencies get targeted by criminals or even "cyberterrorists." But outside Hollywood, the reality too often turns out to be far less rigid.
Sometimes language barriers can be a good thing: Many malware-wielding cybercriminals have historically targeted users in North America and Europe over Japan, owing to linguistic challenges. But that's changing.