Tammy Klotz took on a new job at a new company and even in a new state in 2020 - and she was charged with both establishing herself and raising the firm's cybersecurity posture. No challenge during a global pandemic, right? Here is how she has begun to pave her way.
Travis CI, a Berlin-based continuous integration testing vendor, has patched a serious flaw that exposed signing keys, API keys and access credentials, potentially putting thousands of organizations at risk. Those using Travis CI should change their secrets immediately.
With the ever-growing complexity and volume of cyberattacks, organizations have become even more vulnerable to security threats. All companies regardless of size have critical assets to protect, including customer data that will cause business damage or market setback if violated. Therefore, organizations need...
Using data classification helps you regain control over your unstructured data. By involving your users in data classification, they will automatically become more data-aware, with a greater understanding of your policies and the value of your organization’s data.
This whitepaper will take you through the 5 steps...
Data security breaches can have a significant impact on an organisation’s reputation, shattering customer trust and loyalty, so it’s unsurprising that data protection is higher up the boardroom agenda than it’s ever been.
In this whitepaper, we look at how the threat landscape has changed for businesses, the...
Data classification is an approach to identifying, protecting, and managing information which has rapidly become best practice. Implemented as part of a layered security strategy, it enables an enterprise to defend itself against a variety of threats – from aggressive outsiders to untrained or well-meaning insiders...
The top three tactics attackers have been using to break into corporate and government networks are brute-forcing passwords, exploiting unpatched vulnerabilities, and social engineering via malicious emails, says security firm Kaspersky in a roundup of its 2020 incident response investigations.
"There are so many basics we need to get right," says Daniel Dresner, professor of cyber security at Manchester University. In this interview, he discusses the cybersecurity practices that he recommends to make the task of securing small- to medium-sized enterprises less overwhelming.
Apple patched a software vulnerability on Monday that researchers say was used to deliver spyware via its iMessage platform to the mobile phones of activists. But a few changes to iMessage could make it safer overall for individuals at high risk of surveillance, says an Apple security expert.
A bipartisan group of lawmakers wants to better insulate the director of CISA from political pressure by giving the role a defined five-year term that could keep the agency's leader in place even when presidential administrations change. Currently, the position of CISA director lacks a set term.
The pandemic has created the need for rapid digital transformation and the growing trend of working from home is pushing businesses to adopt "zero trust" and implement it within their own organizations, says Bobbet Castillo, chief technology officer and information security officer at Petnet.
Nine months after discover of the attack that targeted SolarWinds and clients of its network monitoring tool, the incident continues to spur investigations into what happened. The SEC is reportedly probing those businesses involved, and lawmakers want answers about the breach of DOJ emails.
In the 20 years since the Sept. 11, 2001, al Qaida terrorist attacks on targets in the U.S., the need to shore up critical infrastructure and build resilience into systems remains a priority. But over the past two decades, concerns about physical threats have been displaced by cyber concerns.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how ransomware affiliates change operators and why terrorists aren't launching massive cyberattacks.