Thursday, 30 September 2021

Thinking like a hacker: Protect your company from cyberattacks

How long does a cybercriminal’s timeline usually take? What are their moves? And what tools do they usually employ? To answer these questions, it helps to think like a hacker.



from Cyber Security News https://ift.tt/3ijSoaM

How to address data-privacy risks created by remote and hybrid work

The challenge companies now face is how they can maintain control over the security and privacy of their information, especially as they look to make remote and hybrid work permanent options after employees return to the workplace.



from Cyber Security News https://ift.tt/2YffDMb

Over half of business owners admit to concealing a data breach

A new survey shows the cybersecurity priorities and worries of IT business executives. Top of mind issues include a lack of faith in governmental cyber intervention and reputational concerns due to data breaches.



from Cyber Security News https://ift.tt/3onelcM

CISA: VMware vCenter server vulnerability under active exploit

Recently, VMware disclosed that its vCenter Server is affected by an arbitrary file upload vulnerability — CVE-2021-22005 — in the Analytics service. A malicious cyber actor with network access to port 443 can exploit this vulnerability to execute code on vCenter Server.



from Cyber Security News https://ift.tt/3AZ876a

New APT group attacking Russia's fuel and energy complex and aviation production industry

Researchers at the Positive Technologies Expert Security Center have identified a new, previously unknown APT group that has systematically attacked mainly Russia’s fuel and energy complex and aviation industry. 



from Cyber Security News https://ift.tt/3kTn4Bi

Why automation, artificial intelligence and machine learning are becoming increasingly critical for SOC operations

The path to success requires artificial intelligence and machine learning to supercharge the expertise and experience of an equally innovative and warm-bodied defender working as part of an enterprise security operations center and outsourced services like managed detection and response.



from Cyber Security News https://ift.tt/2Y55qSd

Cybercrime hurts some population groups more than others

A new survey of 5,000 internet users around the globe reveals disparities between demographic groups when it comes to internet safety and privacy. 



from Cyber Security News https://ift.tt/39S9s2S

Wednesday, 29 September 2021

Sara Avery hired as CRO at Cenlar

The experienced Chief Risk Officer brings leadership experience to the organization from her tenure in the risk management field.



from Cyber Security News https://ift.tt/3a3KVbn

Leo Howell named CISO at Georgia Tech

Howell will create a cybersecurity program for the institute and work alongside other senior-level members of Georgia Tech's information technology department.



from Cyber Security News https://ift.tt/3ulDTbb

New malware uses COVID-19 lure to target Android users

Security researchers from Cloudmark have discovered a new mobile malware strain spread via SMS that cybercriminals are using to target users across the US and Canada with COVID-19 lures.





from Cyber Security News https://ift.tt/3m97W21

3.8 billion Facebook, Clubhouse user records up for sale

A user on a popular hacker forum is selling a database that purportedly contains 3.8 billion user records, scraped and merged from Facebook and Clubhouse.



from Cyber Security News https://ift.tt/2XWQhSL

Supply chain security is a higher priority than two years ago

A new global survey of C-level executives released by CloudBees reveals high confidence levels in software supply chain security but a limited understanding of the essential components that make a software supply chain secure.



from Cyber Security News https://ift.tt/2Y1fqvK

5 minutes with Jerry Caponera - Developing a risk-oriented view into cybersecurity

Jerry Caponera, Head of Risk Strategies at ThreatConnect, discusses the importance of developing a risk-oriented view into cybersecurity and why cyber risk needs to be quantified in the same way as operational risk or credit risk.



from Cyber Security News https://ift.tt/3mb1SWF

Tuesday, 28 September 2021

SIA scholarship gives opportunity to young professionals

The Security Industry Association (SIA) RISE scholarship has opened applications to young professionals seeking to further their security education.



from Cyber Security News https://ift.tt/3APyJqr

Cyberattacks top list of focuses for business leaders

Enterprises in the U.S. are concerning themselves with cyberattacks and zero trust architecture when it comes to cybersecurity, a new report finds.



from Cyber Security News https://ift.tt/39N8BQS

Monday, 27 September 2021

Delaware develops cybersecurity education program

The programming will provide information on multi-factor authentication, securing email and social media accounts and detecting spam risks for senior citizens.



from Cyber Security News https://ift.tt/3ug9fzO

TikTok found to be most impersonated app by malware groups

According to a recent ransomware study, cybercrime rings have used fake apps related to the COVID-19 pandemic to target individuals. New research looks at the most impersonated apps, along with trends in other cyberattacks.



from Cyber Security News https://ift.tt/3EXg2Dl

Richard Foltak named CISO at Dito

Foltak brings over 25 years of information security experience to his SVP and CISO roles at the cloud services provider.



from Cyber Security News https://ift.tt/3m5LdUu

Sunday, 26 September 2021

How to stop ransomware - Seven steps to protect your enterprise

There are seven steps that will help your company fight off ransomware attacks.



from Cyber Security News https://ift.tt/2Y267vQ

Rethinking the current cybersecurity landscape

Pressing the reset button on security is only possible by disregarding the old-school ring-fencing and the rigid firewalls of the moat-castle mindset and embracing the zero trust mentality. 



from Cyber Security News https://ift.tt/3lZ3mU1

How can enterprises support remote working without opening the door to occupational fraud?

Industry experts can help you to understand not only the occupational fraud risks that come hand-in-hand with a “work from anywhere” model, but also how to address them with the latest biometrics.



from Cyber Security News https://ift.tt/3oam7GT

Friday, 24 September 2021

Insurance digitalization spawns increase in identity fraud, report finds

Combining security strategies could reduce the risk of fraud, which has only risen since the start of the COVID-19 pandemic. A new report suggests steps insurance carriers can take to ensure their security plan works to combat identity fraud.



from Cyber Security News https://ift.tt/3ua31Bo

Hacking burnout: Addressing stress among security professionals

All too often, people feel they need to push their personal limits at work, at the expense of their mental, physical and emotional health. How can leadership combat burnout across security teams by prioritizing an employee's well-being?



from Cyber Security News https://ift.tt/3kEkxuB

Creating a culture of security for social butterflies

Ensure your employees understand the security risks of social media, provide awareness training and implement best practice policies for smarter socializing.



from Cyber Security News https://ift.tt/3i4dwBL

Bryon Hundley named VP of Intelligence Operations at RH-ISAC

Hundley brings more than 20 years of public and private cybersecurity experience to the Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) in his new role.



from Cyber Security News https://ift.tt/3o1HGsT

Red forest is gone, now what?

Given that approximately 90% of the world’s enterprises use Active Directory (AD) as their primary authentication and authorization platform for organizations running Windows, it is no surprise that AD is a key target for cybercriminals. 



from Cyber Security News https://ift.tt/3kA8KgW

Thursday, 23 September 2021

Second farming cooperative shut down by ransomware this week

Crystal Valley, a Minnesota-based farming cooperative, has been hit by a ransomware attack, causing them to shut down their IT systems and their daily operations to be severely interrupted.



from Cyber Security News https://ift.tt/3lWq7Il

SAIC appoints Kevin Brown as Chief Information Security Officer

Kevin Brown has joined Science Applications International Corporation (SAIC) as Chief Information Security Officer (CISO).



from Cyber Security News https://ift.tt/3i0Zy3o

CISOs to developers: Changing the way organizations look at authorization policy

The open-source and developer community has adopted Open Policy Agent (OPA) as the de facto standard for authorization. There are three critical ways OPA can help organizations solve for authorization:



from Cyber Security News https://ift.tt/3kx90gu

Wednesday, 22 September 2021

San Diego prioritizes IT department security

The city will upgrade its IT department security with cloud support and end-user protections for its employees, many of whom work remotely due to the COVID-19 pandemic.




from Cyber Security News https://ift.tt/3kyWQnA

Businesses on the lookout for cyber risk, report finds

Top executives ranked the effects of technology risk on their business, highlighting their perceptions of cyber threats.



from Cyber Security News https://ift.tt/3CG4geX

Shadow Code remains a high security risk

More than 99% of websites use third-party scripts. Still, only one in three can detect potential problems that could lead to digital skimming and Magecart attacks, according to a new PerimeterX study.



from Cyber Security News https://ift.tt/3EzNobk

Cloud presents biggest vulnerability to ransomware

Veritas Technologies surveyed more than 2,000 global IT leaders whose organizations have undertaken pandemic-led digital transformation and found the majority are severely vulnerable to ransomware attacks because they’ve been unable to keep pace with the accelerated digitization.



from Cyber Security News https://ift.tt/3CxTnM7

Five lessons everyone needs to learn about phishing attacks

The first and last line of defense against phishing is always employees themselves. With that in mind, here are the top five things you need to know about phishing. 



from Cyber Security News https://ift.tt/3nXQhwE

5 cybersecurity threats for businesses in 2021—and 3 tips to combat them

Whether you build up in-house expertise or find a trusted outside partner, cybersecurity can no longer be a project set on the back burner. Let's walk through five prevalent cybersecurity threats for businesses, along with three helpful tips to combat them.



from Cyber Security News https://ift.tt/3ALtl7L

Tuesday, 21 September 2021

BlackMatter's ransomware attack on NEW Cooperative may impact food supply chain

Iowa-based grain cooperative NEW Cooperative Inc. was struck by BlackMatter ransomware recently and has shut down its computer systems as it tries to mitigate the attack. BlackMatter is demanding a $5.9 million ransom.  



from Cyber Security News https://ift.tt/3lJuExE

Biden administration to issue sanctions to counter ransomware payments

The Biden administration is allegedly preparing to sanction financial exchanges that facilitate illicit digital payments to cybercriminals. How will this new initiative impact businesses?



from Cyber Security News https://ift.tt/3AvLfLx

University of Wisconsin pioneers cybersecurity degree

The Wisconsin university's Whitewater campus hosts the Cybersecurity Center for Business which provides training programs for organizations in the area, offers an online M.S. in cybersecurity, and has just launched a B.S. in the field. 



from Cyber Security News https://ift.tt/3EGDHYD

Education sector sees rising security concerns

Although the education sector’s breach exposure has remained relatively consistent this year, it’s taking longer to fix high severity vulnerabilities compared to other industries, according to the NTT Application Security research team.



from Cyber Security News https://ift.tt/2Xw2xcK

EventBuilder misconfiguration put 100K users’ data at risk

Over one million CSV/JSON files with personal information of event registrants using Microsoft Teams, including phone numbers and email addresses, have been exposed to potential cybercriminals worldwide. 



from Cyber Security News https://ift.tt/3EDeFKc

Python exploit gives access to 10,000+ API keys

A Python exploit gives access to more than 10,000 API (Application Programming Interface) keys via Wayback Machine, a project that archives the content of internet sites.



from Cyber Security News https://ift.tt/3nSfSXW

Monday, 20 September 2021

Tackling the cybercrime pandemic in 2021

Given the increase in attack sophistication over the years, it is imperative for security leaders to establish new rules of the road for risk management and cyber fraud prevention.



from Cyber Security News https://ift.tt/39svp8g

Mobile application fraud & abuse: Four things you need to know

Here are four things you need to know about mobile fraud and abuse and what you can do to stop it.



from Cyber Security News https://ift.tt/3Cqh8We

Dan Jetton joins Evolver as VP of Cybersecurity

Jetton brings years of public and private CIO and Cybersecurity VP experience to the new role.



from Cyber Security News https://ift.tt/3nYqnc6

Security robot patrols Hyundai factory in Seoul

The four-legged robot will enhance security patrols at the plant with its thermal camera and other security features. 



from Cyber Security News https://ift.tt/3ArJbnL

Banking industry sees 1318% increase in ransomware attacks in 2021

Ransomware was a major threat to global organizations in the first half of 2021, but it was not the only one, according to a Trend Micro report. 



from Cyber Security News https://ift.tt/3zwyMpG

Pennsylvania Army National Guard hones in on cyber defense

An international training program helps Pennsylvania prepare for cyber threats and protect critical technology infrastructure in the state. 



from Cyber Security News https://ift.tt/3CtOnrF

Mirai Botnet starts exploiting OMIGOD security flaw

Threat actors have started to actively exploit critical Microsoft Azure vulnerabilities, just days after Microsoft disclosed them during September's Patch Tuesday.



from Cyber Security News https://ift.tt/2Z3QeoH

Considerations for enterprises amid new privacy regulations

Consumer data privacy regulations are expanding. How can enterprises prepare?



from Cyber Security News https://ift.tt/39lvWcd

Sunday, 19 September 2021

Embrace a holistic approach to vulnerability management

Identifying and scanning is an important aspect of vulnerability management, but it’s just one piece of the puzzle. Organizations failing to see the full vulnerability picture tend to struggle unless they embrace a holistic approach with their vulnerability management program.



from Cyber Security News https://ift.tt/3lHYHpg

We are at war; a cyber war

Is the U.S. in a cyber war? Eric Jeffery, Sr. Solutions Architect for IBM Security, explores the scale of the latest nation-state sponsored cyberattacks.



from Cyber Security News https://ift.tt/2XIelsT

Off-prem vs. on-prem access control for educational facilities

Many schools that are looking to in-person learning in the fall are deciding whether to select cloud-based, off-prem solutions or on-premises infrastructure. While there can undoubtedly be pros and cons for each, it ultimately depends on your organization’s needs.



from Cyber Security News https://ift.tt/3EIS3Ie

Friday, 17 September 2021

Raf Sanchez promoted to Global Head of Cyber Services at Beazley

Raf Sanchez will assume the new role in October, bringing his experience on the Beazley Breach Response Services team to the position.



from Cyber Security News https://ift.tt/3kjmmgj

UN calls for facial recognition and artificial intelligence moratorium

A new report highlights the privacy risks posed by the global use of artificial intelligence.



from Cyber Security News https://ift.tt/3tXfJUg

APT actors exploiting newly identified vulnerability in ManageEngine ADSelfService Plus

State-backed advanced persistent threat (APT) groups are likely among those exploiting a critical flaw in a Zoho single sign-on and password management solution since early August 2021.



from Cyber Security News https://ift.tt/3nMoz63

Misconfigured APIs make up two-thirds of cloud breaches

Shadow IT and misconfigured application programming interfaces accounted for the vast majority of security incidents in the cloud last year, according to the 2021 IBM Security X-Force Cloud Threat Landscape Report.



from Cyber Security News https://ift.tt/3nLNu9Q

8 tough questions to drive the right AppSec reporting solution and DevSecOps

Before attempting to build the right foundation for comprehensive application security risk reporting, consider eight questions. 



from Cyber Security News https://ift.tt/3CnvyGM

Protecting business from ransomware at the edge

Disaster recovery solutions make it easy for administrators to prevent data loss caused by failure events or ransomware, even when they cannot be on-site.



from Cyber Security News https://ift.tt/3hJrh8B

Port Canaveral awarded $1.4 million for security enhancements

Port Canaveral will use federal and state funding to enhance security detection at the Port with upgraded equipment.



from Cyber Security News https://ift.tt/3EsPrxJ

Thursday, 16 September 2021

OWASP updates top 10 security vulnerability ranking

The Open Web Application Security Project (OWASP) has released a draft of its ranking of the top 10 vulnerabilities.



from Cyber Security News https://ift.tt/2Z3NaJn

Jason Kees named Chief Information Security Officer at Ping Identity

Jason Kees, former information security executive for Groupon, CBS and Oracle, brings extensive experience enhancing cybersecurity strategies to Ping Identity. 



from Cyber Security News https://ift.tt/2XrjWDa

Andrew Obadiaru joins Cobalt as Chief Information Security Officer

Andrew Obadiaru has joined Cobalt as Chief Information Security Officer. He will be responsible for maintaining the confidentiality, integrity and availability of Cobalt's systems, services and data. 



from Cyber Security News https://ift.tt/3Ek6KBn

4 steps to incorporate security into hybrid cloud environments

The journey to hybrid cloud Identity and Access Management follows a four-step process that will increase a business’ speed, agility and efficiency while providing the flexibility to support unique requirements every step along the way. 



from Cyber Security News https://ift.tt/3lu9ZNO

Seat detection, flood monitoring and aggressive behavior analytics: Is this the future of your video surveillance?

A new developer challenge yielded some interesting and innovative analytics applications that could make their way to your SOC soon.



from Cyber Security News https://ift.tt/2XivUz8

Wednesday, 15 September 2021

Individuals use two-factor authentication, biometrics to protect information

A new study shows an increase in use of two-factor authentication (2FA) over the past four years and presents stats on specific 2FA strategies.



from Cyber Security News https://ift.tt/3tWgsFj

Shane Dwyer named CISO of state of Iowa

Dwyer began in his new role on September 13, 2021. He brings years of information security leadership experience to the state position.



from Cyber Security News https://ift.tt/3AaoTim

Critical Azure security vulnerabilities affect large organizations

New Azure security vulnerabilities are very easy to exploit and could allow attackers to remotely execute arbitrary code within the network with a single request and escalate to root privileges.



from Cyber Security News https://ift.tt/3z9gfiJ

Half of on-prem databases contain security vulnerabilities

One out of every two on-premises databases globally has at least one vulnerability, finds a new study from Imperva Research Labs spanning 27,000 on-prem databases.



from Cyber Security News https://ift.tt/3CdCvtR

Remote work presents challenges for IT leaders

A new study explores the ways access security evolved to support the pandemic-fueled rush to remote work.



from Cyber Security News https://ift.tt/3AeNaUB

Google patches Chrome zero-day exploited in the wild

Google recently issued a critical security update for Chrome, patching up eleven security vulnerabilities, including two zero-day vulnerabilities that were exploited in the wild.



from Cyber Security News https://ift.tt/3kcxcVh

Tuesday, 14 September 2021

Hoax causes Litecoin to spike 20%; shows power of misinformation

Walmart Inc. was at the center of a hoax aimed at manipulating the price of Litecoin, illustrating how fake news and misinformation campaigns on social media are becoming a greater threat to businesses. 



from Cyber Security News https://ift.tt/3EhpZLz

Executives' ransomware concerns are high, yet few are prepared for attacks

C-suite and other executives expect cyberattacks to increase over the next 12 months, yet only 33.3% say that their organizations have simulated ransomware attacks to prepare for such an incident, according to a recent Deloitte poll.



from Cyber Security News https://ift.tt/3z5tVeR

Apple patches spyware flaw affecting all operating systems

Apple has released an emergency software patch to plug a security hole Citizen Lab researchers discovered affecting all its operating systems, exploited to infect the iPhone of a Saudi activist with NSO Group’s Pegasus spyware.



from Cyber Security News https://ift.tt/2VEoEgs

Monday, 13 September 2021

CISA to host fourth annual National Cybersecurity Summit

The Cybersecurity and Infrastructure Security Agency announced it will host its fourth annual National Cybersecurity Summit this October. 



from Cyber Security News https://ift.tt/3A92y4I

Massachusetts introduces committee to address cybersecurity

Massachusetts' residents lost over $97 million to cybercrimes in 2020, according to the FBI's 2020 Internet Crime Report. In an effort to curb such crimes, the state has created a cyber committee.



from Cyber Security News https://ift.tt/2XlS7g3

MyRepublic reports data breach to customers

MyRepublic Singapore discovered an unauthorized data access incident and has moved to support its customers in mitigating any possible risk.




from Cyber Security News https://ift.tt/3EdeTaA

91% of IT teams feel pressure to compromise security

A new HP Inc. study highlights the tension between IT teams and employees working from home (WFH) that security leaders must resolve to secure the future of work.



from Cyber Security News https://ift.tt/3lk9yFJ

Sunday, 12 September 2021

How to apply Sun Tzu’s ‘The Art of War’ to cybersecurity

Applying the Sun Tzu approach to cybersecurity gives organizations the awareness of what to look for, what vulnerabilities create the most risk and how to implement the appropriate incident response procedures. 



from Cyber Security News https://ift.tt/3k4CFxq

Friday, 10 September 2021

UN computer networks were breached by cybercriminals

Earlier this year, cybercriminals gained access to United Nations networks using stolen credentials. 



from Cyber Security News https://ift.tt/3lcb1hj

Azurescape attack allows cross-container cloud compromise

The Unit 42 Threat Intelligence team discovered Azurescape - the first known cross-account container takeover in the public cloud affecting Azure Container Instances.



from Cyber Security News https://ift.tt/3jXAfAH

HAProxy found vulnerable to critical HTTP request smuggling attack

A critical security vulnerability has been disclosed in HAProxy that could result in unauthorized access to sensitive data and execution of arbitrary commands.



from Cyber Security News https://ift.tt/3lfcAuO

The engagement effect: A CISO’s guide to securing hybrid workplace networks

There are three foundational pillars to fostering a cyber-engaged workforce: employee engagement, executive leadership engagement and peer network engagement. 



from Cyber Security News https://ift.tt/2Vw0zbD

Thursday, 9 September 2021

Arnaud Treps named CISO at Odaseva

Seasoned security leader Arnaud Treps joins Odaseva as the new Chief Information Security Officer.



from Cyber Security News https://ift.tt/2VueVt3

1 in 5 companies fully confident infrastructure security can support long-term remote work

Three in four organizations are currently utilizing a hybrid work model. Employers and employees alike feel this is the best path moving forward. However, only roughly one in five companies (21%) are fully confident their infrastructure security can support long-term remote work. 



from Cyber Security News https://ift.tt/3heFVog

Devin Ertel named Chief Information Security Officer at Menlo Security

Devin Ertel has been appointed Chief Information Security Officer (CISO) at Menlo Security, where he will spearhead global efforts to reduce the company’s risk and security exposure.



from Cyber Security News https://ift.tt/38ZGa1D

AI pivotal for forensic investigative teams to handle crushing data volumes

While forensic tools are potent weapons in the cyber world, on their own, they’re not enough to overcome the challenge of data sets growing in complexity and volume. Enter artificial intelligence. 

from Cyber Security News https://ift.tt/2X4EOzY

Wednesday, 8 September 2021

CISA releases the cloud security technical reference architecture and zero trust maturity model for public comment

The Cybersecurity and Infrastructure Security Agency (CISA) released the Cloud Security Technical Reference Architecture (TRA) and Zero Trust Maturity Model for public comment.



from Cyber Security News https://ift.tt/3nbooRp

Microsoft, CISA warn of new zero-day exploited in targeted Office attacks

Microsoft is currently investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. The exploitation of this vulnerability may allow a remote attacker to take control of an affected system. In addition, this vulnerability has been detected in exploits in the wild. 



from Cyber Security News https://ift.tt/3yV5ekU

Where to spend on security depends on business objectives

How CISOs approach technologies and hiring decisions will go a long way in determining how their security posture evolves this year and beyond. There’s an important balance to strike between the two, and you can’t determine the right mix without taking a step back to understand the business itself.



from Cyber Security News https://ift.tt/3jT6sJl

Why swift action is key to securing the hybrid workforce



from Cyber Security News https://ift.tt/3tnaJrL

Tuesday, 7 September 2021

Eight financial services fined over BEC data breaches

The Securities and Exchange Commission (SEC) has sanctioned eight financial services firms for cybersecurity failures that resulted in email account takeovers exposing the personal information of thousands of customers and clients at each firm. 



from Cyber Security News https://ift.tt/3zTuYzx

DHS announces two senior cybersecurity appointments

The United States Department of Homeland Security (DHS) has announced two senior cybersecurity appointments.



from Cyber Security News https://ift.tt/3BTrxtr

Zero trust architecture (ZTA) - Modern work anywhere architecture without VPN

How do we protect against this changing enterprise application landscape? Organizations across the world need to lead the adoption of Zero Trust Architecture (ZTA) for cybersecurity as their first principle of implementation.



from Cyber Security News https://ift.tt/3halqsx

Malware-as-a-service is the growing threat every security team must confront today



from Cyber Security News https://ift.tt/3DScOkf

Friday, 3 September 2021

Risk considerations for Managed Service Provider Customers

To help mitigate cybersecurity risks to managed service provider customers, the Cybersecurity and Infrastructure Security Agency (CISA) released a new CISA Insights, providing a framework that government and private sector organizations outsourcing some level of IT support to MSPs can use to better mitigate against third-party risk.  



from Cyber Security News https://ift.tt/3tgbToW

Thursday, 2 September 2021

Comcast flaw could have turned remotes into listening devices

Guardicore has discovered a new attack vector on Comcast’s XR11 voice remote that would have allowed attackers to turn it into a listening device – potentially invading your privacy in your living room.



from Cyber Security News https://ift.tt/3t8mPVr

Emerging technology, evolving threats — Part II: The asymmetry effect

A single application may have hundreds of thousands of vulnerabilities. Increasingly, cybercriminals are targeting people just as much if not more than the systems that underlie an infrastructure, which is why the trusted insider conundrum is exacting renewed attention. In most instances, they represent a cheaper and more accessible conduit to achieve one’s objective. What’s to be done?



from Cyber Security News https://ift.tt/3gSVceg

Five trends complicating industrial automation cybersecurity and how a standards-based approach is the solution

Five trends, in particular, are complicating industrial automation cybersecurity and driving the increased need for a standards-based approach.



from Cyber Security News https://ift.tt/2YfwaPL

Let’s help developers address open source software security

By staying on top of these trends, scanning frequently and working with security counterparts to get the information needed, developers can fix more third-party library flaws faster to develop more secure applications in the future.



from Cyber Security News https://ift.tt/2WNe9rz

The human factor in cybersecurity

Overcome human nature with a security mindset that uses what humans are best at: complex reasoning. Remember to trust your human nature – the intuition that you need to double-check “locking the doors” or other security steps.



from Cyber Security News https://ift.tt/3t9fDbv

CISOs are changing their ways amid their toughest environment ever

A CISO’s first 90 days on the job provide a window of opportunity for establishing their credibility and earning a vote of confidence from leadership. This requires, among other things, thoroughly assessing a corporation’s organization, technology, governance and the processes it embraces.



from Cyber Security News https://ift.tt/3t7BuAj

Wednesday, 1 September 2021

71% of surveyed facility managers state concerns about operational cybersecurity

According to a report released by Honeywell, improving cybersecurity for operational technology (OT) systems ranks as one of the top priorities for surveyed facility managers over the next 12 to 18 months. 



from Cyber Security News https://ift.tt/3t4LkTu

CISA: Examine cybersecurity posture ahead of Labor Day holiday


The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency have observed an increase in highly impactful ransomware attacks occurring on holidays and weekends—when offices are customarily closed—in the United States, as recently as the Fourth of July holiday in 2021.



from Cyber Security News https://ift.tt/3DA4Lsb

New credential phishing campaign abuses open redirector links

The Microsoft 365 Defender Threat Intelligence Team has actively tracked a widespread credential phishing campaign using open redirector links. 



from Cyber Security News https://ift.tt/3DEO9PR

3 ways partners can advise customers through cybersecurity needs

Many companies aren’t focused on cybersecurity disciplines directly, nor do they know how to optimize their cybersecurity. Therefore, it becomes the customers’ IT and technology partners’ job to focus on the basics, creating a faster and more fluid response for their clients. Let’s look at three ways partners can advise customers on their cybersecurity needs. 



from Cyber Security News https://ift.tt/38vWkQs