Why do organizations find it challenging to respond to social engineering incidents and how they can better defend against them? We talk to Daniel Wood, CISSP, GPEN, Associate Vice President of Consulting at Bishop Fox, to find out.
A Russian national was charged with one count of conspiracy for his role in a conspiracy to recruit an employee of a company to introduce malicious software into Tesla's computer network, extract data from the network, and extort ransom money from the company.
In a new study published by AdvisorSmith, it found that among the top 25 highest paying jobs for bachelor degree holders, number 18 on the list was Security Analysts. The study also found that information security analysts earned an annual median salary of $99,730.
A new study by Nuspire outlines new cybercriminal activity and tactics, techniques and procedures (TTPs).
We speak to Saad Gul, Co-Chair of the Poyner Spruill, LLP, privacy and cybersecurity team, and learn about the Lifespan HHS investigation, what it means for data security professionals and why the HSS ruling should be a warning to all companies with HIPPA information.
The U.S. Department of State’s Rewards for Justice (RFJ) program, which is administered by the Diplomatic Security Service, is offering a reward of up to $10 million for information leading to the identification or location of any person who works with or for a foreign government for the purpose of interfering with U.S. elections through certain illegal cyber activities.
NIST unveiled the final version of its Zero Trust Architecture publication, which gives private sector organizations a road map for deploying the cybersecurity concept across the organization.
Until March, there was a consistent narrative about supply chains and technology. Digitization had, gradually, come some way in the world of logistics. Manufacturers, shipping companies, and retailers — and the many other firms with solutions that represent the connective tissue between them — had been steadily integrating hardware and software technologies that leverage the internet (both “of things” and not).
Nevada Governor Steve Sisolak announced the appointment of Alan Cunningham as the State Chief Information Officer.
On Friday, August 14, 2020, the California Office of Administrative Law (OAL) approved the California Office of the Attorney General’s (OAG) final CCPA regulations and filed them with the California Secretary of State (SOS). The regulations were immediately effective. Notably, the final text of the regulations submitted to the SOS was modified from the one filed with the OAL. The OAG published an Addendum to the Final Statement of Reasons setting forth the changes. Many of the changes are stylistic and grammatical. However, some of the changes are substantive and will impact compliance efforts. The most notable changes are discussed below.
Whether you are a small enterprise, a large corporation, or something in between, phishing is one of the most damaging and vicious threats that you have to prepare for. It is so serious that security analysts predict it will be their topmost concern. As per Verizon 2019 DBIR, phishing has emerged as the leading cause of data breaches across companies, and there is a worrying rise in the number of phishing attacks. This is all the more reason for companies to step up their security to identify how to prevent phishing.
CACI International Inc has named Todd Probert President of CACI’s National Security and Innovative Solutions (NSIS) sector, responsible for advancing the company’s mission expertise and technology that supports the nation’s defense, intelligence, and federal civilian government` customers’ missions.
Purdue University Global has been designated as a National Center of Academic Excellence in Cyber Defense Education through academic year 2025 for its Bachelor of Science degree in cybersecurity.
Proofpoint, a cybersecurity and compliance company, has appointed Andrew Rose as its Resident CISO for the EMEA region.
ESET researchers explored Mekotio, a banking trojan targeting Spanish- and Portuguese-speaking countries: mainly Brazil, Chile, Mexico, Spain, Peru and Portugal. Mekotio boasts several typical backdoor activities, including taking screenshots, restarting affected machines, restricting access to legitimate banking websites, and, in some variants, even stealing bitcoins and exfiltrating credentials stored by the Google Chrome browser.
When it comes to PKI, leaders have two options: build it or move it to the cloud. PKI as-a-Service (PKIaaS) platforms are becoming a popular investment choice that provide all the benefits of a privately rooted PKI, but without the cost and complexity of running it in-house. PKIaaS providers can deliver a much more effective, and ultimately more secure, PKI than most enterprises can achieve on their own. Regardless of whether the choice is to build or buy, teams must consider six key requirements to ensure in-house or out-sourced PKI success – and digital identity security.
The U.S. Department of State’s Rewards for Justice (RFJ) program is offering a reward of up to $10 million for information leading to the identification or location of any person who works with or for a foreign government for the purpose of interfering with U.S. elections through certain illegal cyber activities.
DefenTec began as a managed services provider (MSP) before transitioning into a managed security services provider (MSSP). Now, in addition to optimizing their clients’ data environments through managed services, IT support and consulting, and cloud computing, DefenTec also fortifies them through a full range of managed security services, including secure Wi-Fidesign, network audits, and of course, password management. How does DefenTec use KeeperMSP to further guard their clients from cyberattacks?
Software company Spreedly has named Christopher Hudel as its chief information security officer (CISO).
The COVID-19 driven shift to remote working coupled with accelerated digital transformation poses significant challenges to enterprise cybersecurity operations, widening the threat landscape and exposing enterprise networks, devices and data to increasing cybersecurity risk. Unmanaged devices, shadow IT and rapidly deployed remote access networks have all introduced emerging vulnerabilities that are being exploited by cybercriminals, making securing the enterprise even more difficult for CSOs and their teams.
Massachusetts Governor Charlie Baker signed an act which authorizes up to $1.8 billion in capital funding for key investments in public safety, food security, and information technology.
A new study reveals that 93 percent of security professionals lack the tools to detect known security threats, and 92 percent state they are still in need of the appropriate preventative solutions to close current security gaps.
Video app TikTok said it will set up its first European data center in Ireland.
Today's challenging reality presents an opportunity for CISO’s to reevaluate the economics and efficiencies of their current infosec program. To do so, CISO’s must narrow their focus on maximizing their return on investments and shift to a risk-based prioritization strategy. No matter the situation, CISO’s are always expected to meet goals and drive results. Even though security professionals cannot reduce risk to zero, they can reduce risk significantly by first eliminating the most impactful risks facing their organization. Below, I discuss the four critical steps of leading an economical and efficient information security program while following a risk-based approach.
Before COVID, cybersecurity was a concern for businesses everywhere. In fact, in Microsoft’s 2019 Global Risk Perception Survey, 57 percent of companies ranked cybersecurity as a higher risk than economic uncertainty and brand reputation or damage. Looking ahead, what does all of this mean for the role of the Chief Information Security Officer (CISO)? Not only is it more important than ever before, but the role has shifted since the start of COVID.
The Georgia Institute of Technology has selected Daren Hubbard as its new chief information officer and vice president for Information Technology.
The FBI says that an increasing number of victims are being directed to fraudulent websites via social media platforms and popular online search engines.
The National Science Foundation has awarded Georgia State’s Evidence-Based Cybersecurity Research Group (EBCS) nearly $300,000 for a pilot program to teach students advanced cybersecurity research skills and match them with CISOs, with whom they will test tools to improve organizations’ security.
