U.S. President Joe Biden signed into law the Quantum Computing Cybersecurity Preparedness Act, designed "to encourage the migration of federal government IT systems to quantum-resistant cryptography" by ensuring they prepare strategies now for implementing forthcoming cryptography standards.
The attack earlier this year that compromised systems and data at LastPass is more extensive than the password management software provider previously revealed. LastPass says the attacker downloaded from the cloud backups of multiple users' encrypted password vaults, as well as unencrypted URLs.
A surging Elastic has joined perennial stalwarts Splunk and Microsoft atop the Forrester Wave: Security Analytics 2022 report, toppling SIEM players Exabeam, Securonix and IBM. Elastic went from not even being mentioned in the December 2020 security analytics Forrester Wave to leading the industry.
Identity and access management company Okta revealed that its private GitHub repositories were accessed earlier in the month, resulting in the theft of its source code in its Workforce Identity Cloud code repositories. "No customer data was impacted," Okta says.
In a surprise move, Britain's Information Commissioner's Office recently named names - lots of names - on the data breach front. The ICO has published detailed information about breaches of personal data, complaints and the civil investigations. Attorney Edward Machin explains the implications.
Stop the presses: Britain's Guardian Media Group has been hit by a "serious IT incident," believed to be ransomware, that appears to have encrypted numerous systems. Experts say ransomware groups love to strike over the holidays, adding pressure on victims to pay a ransom quickly and quietly.
The latest edition of the ISMG Security Report discusses why it is always a bad idea for organizations to pay hackers for data deletion, practical steps organizations can and should take to avoid being at the heart of a data subject complaint, and the latest efforts to tackle the ransomware threat.
Cloud vendors from Amazon, Microsoft and Google to IBM and Sumo Logic have turned to Sysdig's Falco open-source threat detection engine to secure their environments. Sysdig CEO Suresh Vasudevan says Falco has become the standard for threat detection in the industry.
With so many cybersecurity technologies and services available, how do organizations get started with evaluating the managed detection and response option that is right for them? Lyndon Brown of Pondurance weighs in on how to select the MDR provider that fits your needs best.
Getting acquired by Thoma Bravo for $2.8 billion will help Ping Identity accelerate its transition from on-premises to SaaS-based delivery of identity protection, CEO Andre Durand says. SaaS now accounts for 30% of Ping's business and is growing nearly 70% annually, he says.
For many brands, especially large enterprises with a substantial online presence, it is important to be able to have eyes all over the internet in order to properly mitigate the effects of external elements on their brand’s reputation.
In his latest rant, Ian Keller, the Troublemaker CISO, decries lazy and bad coding practices, mistakes CISOs may make and unwarranted CISO-blaming by the media, unanswered requests for more funding and staff - and the epic failures all these can produce when a breach happens, as it inevitably will.
Chinese hackers are exploiting known vulnerabilities in a Citrix networking appliance and virtual private network. The products, Citrix ADC and Gateway, are popular in the healthcare sector. Left unpatched, attackers may execute ransomware attacks or steal intellectual property.
To avoid having to even consider paying a ransom, experts have long urged all organizations to put in place appropriate defenses. Two defensive strategies for healthcare firms are moving backup and recovery to the cloud and practicing incident response scenarios.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.