A well-managed multi-cloud strategy "is a sensible approach" because it allows organizations to move different workloads between providers, but it gets a "bit more complicated when you start thinking about workload portability," says Lee Newcombe, security director, Capgemini U.K.
Modern organizations have many different application types across their organization – from DevOps pipelines and cloud-native apps to robotic process automation bots and static homegrown apps. How do you keep the secrets used by all these different types of applications safe from attackers?
Some 60 breaches affecting about 2.5 million individuals were added in July to the federal tally of major health data breaches. A vast majority of 2022 breaches continue to be linked to large hacking incidents and ransomware demands - with 40% tied to outside vendors.
The U.S. Consumer Financial Protection Bureau is warning lenders they can be liable for data breaches for causing consumers "substantial injury." To avoid liability, the bureau recommends that banks implement multifactor authentication and especially Web Authentication.
A "secure message-themed" phishing campaign targeting healthcare providers aims to lure recipients to an Evernote notepad website in an attempt by hackers to harvest security credentials, federal authorities warn, saying the scheme puts entities at risk for potential data security compromises.
The co-chairs of Congress' Cyberspace Solarium Commission request an "urgent briefing" with Biden administration officials to discuss the state of cybersecurity in the healthcare and public health sector and call for actions to address rising cyberthreats.
In the latest weekly update, four ISMG editors discuss the breach of customer engagement platform Twilio, a cyberattack on the U.K.'s NHS that has reignited concerns about supply chain security in the healthcare sector, and the U.S. Treasury clamping down on shady cryptocurrency mixers.
Ransomware-wielding attackers continue to seek new ways to maximize profits with minimal effort. Top tactics spotted recently by experts include continuing to partner with initial access brokers and botnet operators and testing new monetization models, such as "mediation as a service."
Enterprises spend a lot of time on what zero trust is, but too little time on design thinking - and why cybersecurity solutions need that element baked in from the start. Brian Barnier and Prachee Kale of ThinkDesignCyber and CyberTheory Institute give an overview of their zero trust strategy.
A U.S. federal jury convicted former Twitter employee Ahmad Abouammo for spying on Saudi Arabian dissidents on behalf of Saudi Arabia. The jury also found him guilty of conspiracy to commit wire fraud, falsification of records and money laundering.
Three Nigerian nationals accused of participating in multimillion-dollar business email compromise fraud with a fixation on universities arrived in the United States after extradition from the United Kingdom. They allegedly attempted to steal more than $5 million.
A newly disclosed probe shows the Federal Trade Commission is investigating operators of BitMart, a cryptocurrency platform that lost $200 million of investor funds in one of the biggest crypto cyberattacks of 2021. The agency is scrutinizing the companies to see if they misled consumers.
Advanced, a critical software and services vendor to the U.K.'s National Health Service, confirms a ransomware attack by "financially motivated" threat actors is behind an IT outage that is still disrupting various NHS services, including 111. Some disruptions could last for weeks, the company says.
As CISO of West, a Williston Financial Group company, Bruce Phillips recognizes that cybersecurity is not the enterprise's core business. But what, then, is the right level of cybersecurity to bring to a nonsecurity business? He discusses this and other leadership challenges.
How can organizations secure their workforces against identity-related attacks, when employees are accessing applications from a variety of locations and devices? In this video, Udi Mokady, Founder, Chairman and CEO of CyberArk, shares his perspectives.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.