It's critical for healthcare sector entities considering - or already using - generative AI applications to create an extensive threat modeling infrastructure and understand all attack vectors, said Mervyn Chapman, principal consultant at consulting and managed services firm Ahead.
As the threat landscape continues to evolve, defenders need to shift their focus from individual wins to sustained proactive defenses. Resecurity COO Shawn Loveland proposes embracing a strategy of understanding and fighting adversaries in a constantly changing space - with no beginning and no end.
Ransomware incidents are down, but the volume and impact of targeted attacks are on the rise. These are among the findings of the new Global Threat Landscape Report from Fortinet's FortiGuard Labs. Fortinet's Derek Manky shares analysis of this report and insights on the cybersecurity trends that will influence how we...
The ever-expanding threat landscape and the continued talent shortage mean defenders increasingly need to be ready with the skilled talent to face the onslaught of cybercriminals, who are gaining momentum by employing new tactics, according to Pamela Nigro, ISACA board chair.
Many longtime employees have retired,...
Cybercriminals are becoming increasingly innovative and shifting toward more targeted and destructive attacks, using wiper malware, which was previously only used by APT-focused, nation-state actors. Also, ransom payment demands are reaching seven to eight figures.
Rising worries about the digital security of nongovernmental organizations in the Asia-Pacific region haven't translated into robust adoption of basic measures, shows data from a survey of more than 1,500 regional NGOs. NGOs attract hackers for motives including espionage, opposition and data theft.
President and CEO Sudhakar Ramakrishna says SolarWinds has done massive work implementing security into the build process since the company was hacked in late 2020. Testing, validating and qualifying the integrity of the company's source code has required significant effort, Ramakrishna tells ISMG.
In 2022, 56% of lower education organizations and 64% of higher education organizations were hit by ransomware in the last year.
This is a considerable increase from the 44% of education respondents that reported an attack in our 2021 survey (based on 499 respondents across lower and higher education).
As cybercriminals evolve their attack techniques, they pose greater risks to the government, businesses and individuals. It’s more critical than ever to improve your security strategy and proactively prepare for the next wave of cyberthreats.
The first step is to understand the latest attack trends and major...
A host of emerging technologies - including artificial intelligence, 5G cellular, quantum computing, nanomedicine and smart hospitals - offer the potential to revolutionize healthcare, but organizations must carefully evaluate the security risks, federal authorities warn.
Banking and financial services depend on one thing above all else when they digitally transform: proving to customers and partners that information and finances are fully protected. Undertaking a threat modeling strategy offers significant business benefits and can help businesses get ahead of potential...
Thoma Bravo is eyeing its third take-private security deal of 2022, initiating talks with Darktrace months after agreeing to buy SailPoint and Ping Identity. The cybersecurity AI firm says it's in early discussions with private equity giant Thoma Bravo on a possible cash offer for the business.
It's not enough for medical device makers to provide a software bill of materials - there also needs to be close attention paid to how vulnerabilities in components are communicated and managed, says medical device security expert Ken Hoyme.
Halborn raised $90 million to expand its audit and penetration testing services and more effectively safeguard the crypto industry. The proceeds will bolster its protection for cryptocurrency lending protocols and better defend the money flowing into and out of the cryptocurrency ecosystem.
Business email compromise (BEC) is when threat actors use email fraud to attack organizations, deceiving people into doing something they believe is helping the company. To request funds from victims, BEC threat actors conduct a variety of scams impersonating coworkers, vendors, or customers.