President and CEO Sudhakar Ramakrishna says SolarWinds has done massive work implementing security into the build process since the company was hacked in late 2020. Testing, validating and qualifying the integrity of the company's source code has required significant effort, Ramakrishna tells ISMG.
In 2022, 56% of lower education organizations and 64% of higher education organizations were hit by ransomware in the last year.
This is a considerable increase from the 44% of education respondents that reported an attack in our 2021 survey (based on 499 respondents across lower and higher education).
Download...
As cybercriminals evolve their attack techniques, they pose greater risks to the government, businesses and individuals. It’s more critical than ever to improve your security strategy and proactively prepare for the next wave of cyberthreats.
The first step is to understand the latest attack trends and major...
A host of emerging technologies - including artificial intelligence, 5G cellular, quantum computing, nanomedicine and smart hospitals - offer the potential to revolutionize healthcare, but organizations must carefully evaluate the security risks, federal authorities warn.
Banking and financial services depend on one thing above all else when they digitally transform: proving to customers and partners that information and finances are fully protected. Undertaking a threat modeling strategy offers significant business benefits and can help businesses get ahead of potential...
Thoma Bravo is eyeing its third take-private security deal of 2022, initiating talks with Darktrace months after agreeing to buy SailPoint and Ping Identity. The cybersecurity AI firm says it's in early discussions with private equity giant Thoma Bravo on a possible cash offer for the business.
It's not enough for medical device makers to provide a software bill of materials - there also needs to be close attention paid to how vulnerabilities in components are communicated and managed, says medical device security expert Ken Hoyme.
Halborn raised $90 million to expand its audit and penetration testing services and more effectively safeguard the crypto industry. The proceeds will bolster its protection for cryptocurrency lending protocols and better defend the money flowing into and out of the cryptocurrency ecosystem.
Business email compromise (BEC) is when threat actors use email fraud to attack organizations, deceiving people into doing something they believe is helping the company. To request funds from victims, BEC threat actors conduct a variety of scams impersonating coworkers, vendors, or customers.
Despite the...
Business email compromise (BEC) is when threat actors use email fraud to attack organizations, deceiving people into doing something they believe is helping the company. To request funds from victims, BEC threat actors conduct a variety of scams impersonating coworkers, vendors, or customers.
Despite the...
In 2021, Mandiant Threat Intelligence identified 80 zero-days exploited in the wild, which is more than double the previous record volume in 2019. State-sponsored groups continue to be the primary actors exploiting zero-day vulnerabilities, led by Chinese groups.
Join Mandiant’s Erin Joe, SVP of Strategy and...
Unfortunately, in this day and age, protecting assets is more difficult than ever from the corporate point of view. Organizations have spent many years and countless sums of money protecting the perimeter —
so-called “north-south” traffic. Yet agile, adaptive adversaries have found ways to breach perimeter...
The Food and Drug Administration on Thursday issued revamped draft guidance providing updated and detailed recommendations for how medical device makers should address cybersecurity risk in the premarket of their products, especially as the threat landscape continues to evolve.
The integration of third-party components and software is an increasingly critical area of security risk that needs more attention from medical device manufacturers, says Anura Fernando, global head of medical device security at safety certification firm UL.
Every connected device is now considered a part of the Extended Internet of Things (XIoT). When securing XIoT devices that connect to networks, it can be hard to account for all the nuances required to secure them. What simplifies the process of delivering contextually aware threat detection and recommendations is an...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
