In the latest weekly update, a panel of Information Security Media Group editors discusses key topics, including open source software vulnerabilities plus insights on updating SOCs as well as effective communication with the board.
Wolfe Eye Clinic, which operates diagnostic and surgical centers in 40 Iowa communities, is notifying 500,000 current and former patients that their data may have been inappropriately accessed during a recent ransomware attack. But the organization refused to pay a ransom.
Customer identity and access management – CIAM – has taken off over the past year. But too many of these initiatives are limited in scale, says Dennis McDermott of OpenText. He shares key CIAM components and milestones.
The European Commission has proposed creating a Joint Cyber Unit to help EU member states respond to and prevent cyberattacks, especially those involving ransomware. The goal is for the unit to begin operations by the end of next year.
Federal agencies could have prevented follow-on attacks after the SolarWinds supply chain attack by using recommended firewall configurations, but this step isn't always feasible, the Cybersecurity and Infrastructure Security Agency says.
How can organizations update their SOCs to ensure they keep up with evolving cyberthreats? Three experts - Sean Duca of Palo Alto Networks, Rishi Rajpal of Concentrix and Anish Ravindranathan of Tata Digital - offer insights.
A bipartisan group of senators is circulating a draft of a federal breach notification bill that would require federal agencies, federal contractors and businesses that have oversight over critical infrastructure to report significant cyberthreats to CISA within 24 hours of discovery.
The daily peak of DDoS attack traffic increased 100% from January 2020 to May 2021, reaching 3 Tbps, with most of the high-bandwidth, high-intensity attacks originating from fewer than 50 hosting companies, Nokia Deepfield reports.
For most organizations, the rationale for employing data security solutions is crisis mitigation associated with potential data breaches - driven by compliance regulations, possible fines and reputation loss. There is, however, another compelling rationale for a strong data security program that a growing number of...
This case study is about an airline that faced two major types of attacks on its web and mobile applications.
The attackers used credential stuffing, which in some cases compromised nearly 1000 customer accounts in a single day.
Download this study and discover how Shape...
SOC teams are struggling to keep up with the pace of today's threats. Weighed down by the sheer volume of security events and mundane manual processes, they miss the opportunity to investigate alerts thoroughly and remediate incidents rapidly and concisely.
Join this session to learn how:
To accelerate SOC...
The discovery of an unsecured database containing over 1 billion records related to CVS Health website visitor activity illustrates yet again how security missteps can potentially leave sensitive data exposed, some security experts say.
With the RSA Conference virtual this year, ISMG replaced its two live on-site studios with a suite of home studios and produced a diverse group of interviews on timely topics with thought leaders who will be solving cybersecurity's most urgent problems.
Volkswagen and its Audi subsidiary are notifying 3.3 million people in the U.S. and Canada of a breach of personal information by a marketing services supplier. Volkswagen says 90,000 of those affected may have also had their driver's license number, loan data and other personal information exposed.