Wednesday, 28 December 2022

Analyzing the top data breaches of 2022

Security's Associate Editor Maria Henriquez analyzes the top data breaches of 2022 and their effects on enterprise cybersecurity and national legislation going forward.




from Cybersecurity News https://ift.tt/0kaWiz4

Monday, 26 December 2022

Security needs a new mindset

Being alert and anticipative – conducting regular cybersecurity drills, for example – is as essential as prioritization, cyber-resilience and adaptiveness in improving the security mindset of an organization. 



from Cybersecurity News https://ift.tt/lXti0LV

Sunday, 25 December 2022

Digital manufacturing is a double-edged sword: How to leverage opportunities while mitigating threats

Manufacturing phases that run on off-site cloud servers come with added security concerns.



from Cybersecurity News https://ift.tt/Q3vLOIw

Friday, 23 December 2022

Growing cybersecurity skills gap necessitates human factor security

The cybersecurity skills gap creates real security challenges for enterprises. Training employees to recognize security risks can increase business resilience.



from Cybersecurity News https://ift.tt/v9a8ucP

Wednesday, 21 December 2022

How are healthcare CISOs reporting & measuring risks?

What are the biggest cybersecurity risk factors for healthcare heading into 2023?



from Cybersecurity News https://ift.tt/lGLVuet

Global security threats in 2022: Looking back to move forward

In Episode 13 of the Cybersecurity and Geopolitical Podcast series, hosts Ian Thornton-Trump and Philip Ingram discuss the geopolitical threat landscape involving Russia, China, Iran and North Korea.



from Cybersecurity News https://ift.tt/WApZMnF

Tuesday, 20 December 2022

How to assess and bolster an organization's level of cybersecurity

Creating cybersecurity assessment reports and awareness programs can help organizations mitigate the risk of data breaches and build a positive reputation.



from Cybersecurity News https://ift.tt/2ZK83Go

18 cybersecurity predictions for 2023

As you build your cybersecurity resilience planning, priorities and roadmap for the year ahead, security leaders offer cybersecurity predictions for 2023.



from Cybersecurity News https://ift.tt/6eLpcmq

Monday, 19 December 2022

5 priorities security leaders need to tackle in 2023

Here are 5 key priorities that organizations must build into their cybersecurity plans for 2023.



from Cybersecurity News https://ift.tt/RTA7Gsx

Building a security operations center (SOC) on a budget

Small and medium-sized businesses should look to build a SOC that meets their needs at a price point that fits within their overall security expenditures.



from Cybersecurity News https://ift.tt/wdlJYiS

Thursday, 15 December 2022

How to make third-party risk management recession-proof in 2023

With this much economic uncertainty, now is the time to invest in making your third-party risk management (TPRM) program recession-proof in 2023.



from Cybersecurity News https://ift.tt/es7XRkB

Getting healthcare security on the road to recovery

The public and private sectors, and the security industry as a whole, need to come together to get healthcare security on the road to recovery.



from Cybersecurity News https://ift.tt/P9BrFAv

The top 10 data breaches of 2022

Get a special look at Security magazine's top 10 data breaches of 2022 annual report. 



from Cybersecurity News https://ift.tt/GWLoNSz

Wednesday, 14 December 2022

Now is the time to prioritize your organization’s security communications strategy

As external stakeholders demand more information and insight into your organization’s security practices and protocols, implementing a comprehensive security communications strategy is a must. 



from Cybersecurity News https://ift.tt/91XCAFh

Addressing the cybersecurity workforce staff shortage

Why does the cybersecurity workforce gap exist? How can organizations best mitigate it? 



from Cybersecurity News https://ift.tt/lceIzaQ

Tuesday, 13 December 2022

How to protect company data & preserve user privacy

Security magazine sits down with Dan Amiga, Chief Technology Officer (CTO) of Island, to discuss how to find a balance between providing end user privacy and protecting company data. 



from Cybersecurity News https://ift.tt/ogUGW64

Data security governance strategies can be a business differentiator

Every organization needs to rethink its approach to security, governance, privacy and compliance by prioritizing the management and protection of data.



from Cybersecurity News https://ift.tt/CS6EVFw

Monday, 12 December 2022

The benefits of unified security tech

How can unified Identity Orchestration (IO) technology effectively tie different systems together for a seamless, proactive threat identification approach?



from Cybersecurity News https://ift.tt/E3ws4JI

Thursday, 8 December 2022

Top security news of 2022

Security magazine highlights ten of the top physical security & cybersecurity news stories from 2022, ranging from emergency response to metaverse cyber threats.



from Cybersecurity News https://ift.tt/5dpgfYj

Protecting the modern cloud environment with cloud email security

When a cloud-native security tool is in place — one that understands identity, context, and risk — organizations are truly protected from both inbound email threats and email platform attacks. 



from Cybersecurity News https://ift.tt/8YuFkZT

Leading cyber risks & trends in 2022

What are some of the leading cyber risks and cybersecurity trends in 2022? 



from Cybersecurity News https://ift.tt/8ETnp7j

Wednesday, 7 December 2022

Security's Editorial Fireside Chat 2022

In this episode of The Security Podcasts, the Security magazine editorial team sits down to reflect on interesting, engaging and diverse stories from the security industry in 2022.



from Cybersecurity News https://ift.tt/jo7XzyW

Understanding SBOMs: A snapshot of your software security

In the midst of conversations about securing the software supply chain, one term consistently rises to the forefront: SBOM. 



from Cybersecurity News https://ift.tt/Ou6IUZ9

Tuesday, 6 December 2022

With OT attacks on rise, organizations weigh cybersecurity trends for 2023

What are six operational technology (OT) cybersecurity trends to watch in 2023? 



from Cybersecurity News https://ift.tt/6DzQLtr

Top 12 physical security, cybersecurity & risk management stories of 2022

Get a special look at Security magazine's top 12 articles of 2022 — all of which cover thought leadership around physical security, cybersecurity, risk management & more. 



from Cybersecurity News https://ift.tt/2uXv6qP

Monday, 5 December 2022

Endpoint detection & response and its cybersecurity benefits

What are the four major cybersecurity capabilities endpoint detection and response (EDR) solutions provide?



from Cybersecurity News https://ift.tt/NlP5grS

Friday, 2 December 2022

Shifting left isn't always right

True DevSecOps requires shifting both left and right, testing in both staging and production environments continuously in real-time.



from Cybersecurity News https://ift.tt/ODEqtFB

WAF is woefully insufficient in today’s container-based applications: Here’s why

In a world where successful exploits may be inevitable, relying on a perimeter WAF for application security leaves entire environments vulnerable unless adequate security tools and policies are implemented.



from Cybersecurity News https://ift.tt/G5mjRvZ

Thursday, 1 December 2022

Clearing the fog: Identifying blind spots in cybersecurity budgeting

Cybersecurity budget management is crucial in increasing a company’s cybersecurity efficiency and eliminating security blind spots.



from Cybersecurity News https://ift.tt/nATOxJw

Wednesday, 30 November 2022

How businesses can prevent becoming the next ransomware victim

Business continuity, security awareness, visibility and patch management are four strategies for cybersecurity leaders to protect their organizations against ransomware.



from Cybersecurity News https://ift.tt/MuWPcK0

Organizational culture is a cybersecurity problem

In this episode of The Security Podcasts, Kevin A. McGrail, Cloud Fellow at Dito, talks about the importance of cybersecurity awareness and a communicative organizational culture.



from Cybersecurity News https://ift.tt/CotXuDB

Leveraging zero trust to reduce cyberattacks in the education sector

What can K-12 school systems and higher education institutions do to implement a zero trust environment to boost cybersecurity defenses?



from Cybersecurity News https://ift.tt/O5DsHM1

Tuesday, 29 November 2022

Strategies for closing the cybersecurity skills & leadership gap

Closing the cybersecurity skills gap requires a two-pronged approach to cyber best practices and education, leveraging the cloud and automation.





from Cybersecurity News https://ift.tt/YBSAi6R

Monday, 28 November 2022

The state of third-party cyber risk amid global chaos

To guard against cybercrime, it’s critical to monitor and assess every secret window into your organization’s operations. For most, these gateways are in the supply chain among third parties. 



from Cybersecurity News https://ift.tt/n3WHUTY

Wednesday, 23 November 2022

The psychological warfare behind ransomware attacks

Here are the top ways hackers use psychological warfare to find their targets and successfully coerce them into meeting their ransom demands. 



from Cybersecurity News https://ift.tt/bUh9cpu

Monday, 21 November 2022

Building tailored cyber resilience for critical infrastructure

Every hack on critical infrastructure is a good reason to bolster cyber resilience: a cybersecurity objective best achieved by foregrounding industry knowledge.



from Cybersecurity News https://ift.tt/l9ZCiWg

Boards: Supporting cybersecurity risk management & mitigation

Boards have a fiduciary responsibility in their governance capacity to set the tone with their vigilance and demonstrate the criticality of cybersecurity risk management.



from Cybersecurity News https://ift.tt/CvKG64T

Friday, 18 November 2022

Teresa Shea joins Board of Directors at Cigent Technology

Teresa Shea, a renowned defense, intelligence and cybersecurity expert, has joined the Board of Directors at Cigent Technology, Inc.



from Cybersecurity News https://ift.tt/jxmrpQC

6 steps to respond to enterprise cybersecurity challenges

Learn about six strategies to prevent cybersecurity threats and reduce data breaches.



from Cybersecurity News https://ift.tt/DtZcbeN

Thursday, 17 November 2022

Iranian APT breaches government agency using Log4Shell

Iranian government-sponsored advanced persistent threat (APT) actors breached the Federal Civilian Executive Branch (FCEB) and its network, according to CISA.



from Cybersecurity News https://ift.tt/ANqrCjU

Why your corporate structure could be compounding fraud risk

Breaking down silos isn’t just a matter of improving collaboration and innovation; it’s critical to enhancing fraud prevention efforts.



from Cybersecurity News https://ift.tt/DSisLb1

Which threat actors are targeting US data?

As organizational cybersecurity leaders seek to protect their institutions from cyber threats, it is important to ascertain who exactly is targeting U.S. data.



from Cybersecurity News https://ift.tt/DH7JoO1

3 ways microsharding technologies can mitigate ransomware

Security professionals can consider strategies other than encryption, such as microsharding, to protect company data in the event of a ransomware attack.



from Cybersecurity News https://ift.tt/ClDaOmK

Wednesday, 16 November 2022

New Australian task force to "hack the hackers"

Australia’s Cyber Security Minister Clare O’Neil said the government was considering a law that would make it illegal to pay ransoms.



from Cybersecurity News https://ift.tt/YM9XSoI

8 steps to achieving cybersecurity compliance

What are eight steps that can help organizations achieve cybersecurity compliance? 



from Cybersecurity News https://ift.tt/jLrA7ah

Tuesday, 15 November 2022

How the role of CISO is evolving due to hybrid and remote work

There's an opportunity for chief information security officers to drive holistic business and information protection. Here's how. 




from Cybersecurity News https://ift.tt/aNRoHjC

Monday, 14 November 2022

Data privacy lawsuits explode in healthcare, tech sectors

Cybersecurity executives can explore three recent data privacy lawsuits to determine whether their organizations are truly compliant with data sharing laws.



from Cybersecurity News https://ift.tt/FZiVc5q

Friday, 11 November 2022

Edward Hudson named CISO at the University of Kansas

University cybersecurity veteran Edward Hudson has been named the new Chief Information Security Officer (CISO) at the University of Kansas.



from Cybersecurity News https://ift.tt/o0hQPU7

98% of organizations have been impacted by a cyber supply chain breach

98% of organizations surveyed have been negatively impacted by a cybersecurity breach that occurred in their supply chain, according to a BlueVoyant cyber risk report.



from Cybersecurity News https://ift.tt/pwDyAE8

Thursday, 10 November 2022

Insider threat peaks to highest level in Q3 2022

Insider threat peaked to its highest quarterly level to date this year. How can organizations increase security defenses to fight this risk, particularly during the employee termination process?

from Cybersecurity News https://ift.tt/9OzPIsr

Threat intelligence adoption trends & challenges

The majority of enterprise IT security managers rely on threat intelligence to reduce cyber risk, yet still lack the necessary skills and resources, according to a Vulcan Cyber study.



from Cybersecurity News https://ift.tt/z5tnAwF

Stuck in the cybersecurity talent chasm? Here's how industrial organizations can climb out

To adequately address the skills gap and its impact on cybersecurity posture, organizations should take a two-pronged approach.



from Cybersecurity News https://ift.tt/eAvmubJ

K-12 students can help reduce cyberattacks in their districts

K-12 schools can transform students into cybersecurity leaders by focusing on security awareness training to prevent social engineering and cyberattacks.



from Cybersecurity News https://ift.tt/YqDdHc3

Wednesday, 9 November 2022

Balancing data, leading by experience

It’s incumbent on physical security executives to understand how their counterparts may interpret data and view risks to the company based on their experience.



from Cybersecurity News https://ift.tt/VsKgISH

Tuesday, 8 November 2022

How to get ahead of fraud in the metaverse

Focusing on fraud prevention should be a security priority for businesses creating and operating in the metaverse.



from Cybersecurity News https://ift.tt/6pJchbj

9 ways to protect manufacturing from ransomware

What can manufacturing businesses do to prevent ransomware attacks and limit their impact? Here are nine ways.



from Cybersecurity News https://ift.tt/7qXPcnw

Monday, 7 November 2022

Multi-factor authentication isn't always enough to stop cyber threats

There are several best practices security teams can follow to strengthen their organization's defenses through multi-factor authentication.



from Cybersecurity News https://ift.tt/YyQ8KBW

4 recommendations to combat phishing

The Business Cost of Phishing report from IRONSCALES shows that IT and security teams spend one-third of their time handling phishing threats every week.



from Cybersecurity News https://ift.tt/4X7MTJm

Attack surfaces are mushrooming. Are you prepared?

Attack surface management is at the top of the list of needs for organizations to keep their business’ critical assets secure.



from Cybersecurity News https://ift.tt/cXoDVTP

Friday, 4 November 2022

The cybersecurity impacts of bots on e-commerce in 2022

The State of Security Within eCommerce 2022 report, a 12-month analysis by Imperva Threat Research, identified cyber threats facing online retailers.



from Cybersecurity News https://ift.tt/Wc5nYwM

What we learned from transforming a security program

There is no one-size-fits-all approach to guiding a security program through a major transformation, but here are four things to consider to future-proof your enterprise.




from Cybersecurity News https://ift.tt/K4LCeIx

Fixing the cybersecurity workforce problem starts with us

This will come as no surprise to those involved in cybersecurity recruitment. The solution to the cybersecurity workforce shortage? Lowering the barrier to entry level cyber positions.



from Cybersecurity News https://ift.tt/pmP6os2

Thursday, 3 November 2022

3 transportation cybersecurity and technology trends

The Transportation Technology Trends 2022 Report from Info-Tech Research Group explores automation, data analytics and cybersecurity in the transportation sector.



from Cybersecurity News https://ift.tt/pAG6Q9x

How to manage data lifecycle: Data retention for compliance

At any given time, data retention laws may be added or altered, so Chief Data Officers (CDOs) need to stay current with retention laws to ensure compliance.



from Cybersecurity News https://ift.tt/5Nu7DCx

The metaverse ushers in a new era of cyber threats

Security professionals need to prepare for the cyber and physical threats presented by the metaverse, including identity theft, bodily injury and more.



from Cybersecurity News https://ift.tt/hmjvRab

Wednesday, 2 November 2022

Phishing attacks aimed at government personnel up 30% in 2021

Lookout data reveals that the risk of mobile phishing and device vulnerability within U.S. government agencies has increased since 2021.



from Cybersecurity News https://ift.tt/Ajs8R15

Closing the cybersecurity talent gap

In this podcast episode, cybersecurity professional Lisa Tetrault talks about leveraging industry connections to break into the cyber field, the power of mentorship in cybersecurity, and more.



from Cybersecurity News https://ift.tt/eWL9qgU

Tuesday, 1 November 2022

How hybrid work environments impact cybersecurity insurance coverage

Organizations seeking cyber insurance coverage are required to prove their cybersecurity posture, disaster recovery and related risk and technology best practices.



from Cybersecurity News https://ift.tt/5tOavVn

86% of cloud attacks in healthcare result in financial consequences

According to a Netwrix report, 61% of respondents in the healthcare industry suffered a cyberattack on their cloud infrastructure within the last 12 months.



from Cybersecurity News https://ift.tt/TLn3bse

Technical competency gaps in 151,000 IT auditors in the audit industry

IT auditors’ lack of hands-on skill in information technology influences data breach likelihood and technical evidence interpretation for critical infrastructure, according to The Next Generation Cybersecurity Auditor study.



from Cybersecurity News https://ift.tt/8KXd5Nn

Monday, 31 October 2022

OT/ICS cybersecurity threats remain high

Organizations have significantly matured their security postures since last year in response to operational technology (OT) and industrial control systems (ICS) cybersecurity threats. 



from Cybersecurity News https://ift.tt/xGHshCT

Protecting operations and data against cyberattacks

How can organizations focus on building foundational security measures to take power away from cybercriminals? 



from Cybersecurity News https://ift.tt/7ClgxEI

Friday, 28 October 2022

Over 100 million accounts were breached in Q3 2022

108 million accounts were breached worldwide in Q3 2022, according to new cybersecurity research from Surfshark.



from Cybersecurity News https://ift.tt/yWfIHoO

With record-high data breaches, now is the time for cybersecurity storage adoption

Organizations must take proactive steps to address the fundamental challenges of data protection, data storage and data compliance processes with cyberstorage solutions.



from Cybersecurity News https://ift.tt/HXh7LsO

Thursday, 27 October 2022

CISA releases critical infrastructure cybersecurity performance goals

The Cybersecurity and Infrastructure Security Agency (CISA) has released the first iteration of the Cross-Sector Cybersecurity Performance Goals (CPGs). 



from Cybersecurity News https://ift.tt/uftV206

Wednesday, 26 October 2022

Ransomware in the US is down 51% compared to 2021

Ransomware levels in the United States are trending down, with a 51% decrease in ransomware attack volume compared to 2021 levels.



from Cybersecurity News https://ift.tt/FzyeD6J

Over half of consumers use biometrics to secure mobile devices

The Digital Identity Services report by iProov surveyed 16,000 consumers globally to assess their attitudes toward facial verification in security practices.



from Cybersecurity News https://ift.tt/smKNTw0

Over 255m phishing attacks in 2022 so far

More than 255 million phishing attacks occurred over six months in 2022, a 61% increase in the rate of phishing attacks compared to 2021, SlashNext reports.



from Cybersecurity News https://ift.tt/sU31kOf

Strengthening infrastructure services security with cloud technology

Why is cloud-based data more secure than you think? And how can you solve on-prem security issues and minimize the risk of cloud breaches?



from Cybersecurity News https://ift.tt/SMeRyzx

Pam Presswood joins Valor as Chief Information Officer

Pam Presswood has been named the new Chief Information Officer (CIO) at Valor, a business services provider in mineral rights management.



from Cybersecurity News https://ift.tt/zroYqOL

Best practices for cryptocurrency firms and digital currency firms managing money

Cryptocurrency firms are not immune from regulatory and legal obligations. Three best practices, however, can help firms ensure compliance and minimize regulatory risks.




from Cybersecurity News https://ift.tt/kMWH0Ed

Tuesday, 25 October 2022

Cybersecurity is a top priority for physical security professionals

New research from Genetec shows that cybersecurity remains a top concern for physical security professionals going into 2023.



from Cybersecurity News https://ift.tt/NgOVDta

Leading ransomware variants in Q3

During Q3 of 2022, Intel 471 observed 455 ransomware attacks, a decrease of 72 attacks recorded from the second quarter of 2022, according to the Leading Ransomware Variants report.



from Cybersecurity News https://ift.tt/ZqJSCLI

CISOs struggle to articulate business impacts of cyber risks

With CISOs required to present to their boards, they now face the challenge of articulating cybersecurity risks and opportunities, according to a survey by FTI Consulting.



from Cybersecurity News https://ift.tt/YtZWILS

When bad things happen to good credentials

Identity and access management (IAM) has been a fundamental security touchstone for as long as information security has been around. Unfortunately, it is not good enough anymore.



from Cybersecurity News https://ift.tt/lWKgPQB

Scars of COVID-19 pandemic leave airlines vulnerable to payment fraud

Airline security leaders must mitigate fraud while maintaining positive passenger experience as they book tickets and fly with airlines.



from Cybersecurity News https://ift.tt/3LrSnKz

Monday, 24 October 2022

Can developers reduce open source cybersecurity risk?

The State of the Software Supply Chain Report from Sonatype found legacy open source downloads leading to cybersecurity vulnerability exploitation.



from Cybersecurity News https://ift.tt/x3Nlt4b

K-8 students learn cybersecurity through gamification

K-8 students can learn cybersecurity techniques through a gamified education platform called Cyber Legends. Learn more in this case study.



from Cybersecurity News https://ift.tt/mA1L8Ih

The case for continuous threat simulation: Why annual audits will fail your business

Here are five reasons why continuous threat simulation will help improve your cybersecurity.  



from Cybersecurity News https://ift.tt/r03PJ5O

Friday, 21 October 2022

Global cybersecurity workforce grows to 4.7 million

The 2022 Cybersecurity Workforce Study from (ISC)² identified the current cyber workforce gap to be 3.4 million employees.



from Cybersecurity News https://ift.tt/uYD8JXp

Thursday, 20 October 2022

Security considerations for passwordless authentication

Passwordless authentication takes many forms, from biometrics to link-based access. Cybersecurity leaders can use these steps to secure their networks with passwordless strategies.



from Cybersecurity News https://ift.tt/BPOUCeS

Wednesday, 19 October 2022

Fighting the continued rise of wiper malware

Wiper malware deployments are rising in 2022. With the right know-how and the right cybersecurity tools, security teams can ensure they’re bolstered for this battle. 



from Cybersecurity News https://ift.tt/vVefOol

Zero trust, remote work & cloud lead to higher cybersecurity spending

The increase in remote and hybrid work, the transition from VPNs to zero trust network access and the shift to cloud-based delivery models are causing growth in cybersecurity spend, according to Gartner, Inc.



from Cybersecurity News https://ift.tt/h21APBe

CISOs need to adapt cybersecurity guidance for millennials & Gen Z

Which generations pose more cybersecurity risk than others? The 2022 Human Risk in Cybersecurity Survey from Ernst & Young LLP asked employees about their cyber habits.



from Cybersecurity News https://ift.tt/UxzfHc9

Tuesday, 18 October 2022

Identifying and mitigating “risky insiders” in the workplace

Insider risk remains an issue for organizations as hybrid work continues. Monitoring data, educating employees on cybersecurity and more can help companies remain secure.



from Cybersecurity News https://ift.tt/Cy2BS4R

Monday, 17 October 2022

How to safeguard your brand from spoofing attacks

Cyber risk is business risk, and protecting your brand from spoofing attacks is paramount to protecting your reputation and bottom line.



from Cybersecurity News https://ift.tt/vqSywBh

Setting the stage for ransomware recovery

Here's how to avoid common pitfalls that lead to increases in expenditures, excessive business interruption time, and a prolonged, difficult claims process during ransomware recovery.



from Cybersecurity News https://ift.tt/ywBvzSt

5 digital safety concerns for K-12 student privacy and wellbeing

The "Teacher and School Concerns and Actions on Elementary School Children Digital Safety" from North Carolina State University identified five digital safety concerns for K-12 students.



from Cybersecurity News https://ift.tt/x09jcBz

Phishing is the top cybersecurity threat targeting car dealerships

Auto dealerships across the U.S. have been targeted by phishing attacks. A new study examines what the car retailers are doing to mitigate cyber threats.



from Cybersecurity News https://ift.tt/uFeTzti

Cybersecurity founded on 3 pillars: Technology, process, and people

Comprehensive cybersecurity measures, such as security technology, risk management and education & training, are needed to secure the enterprise from inside out. 



from Cybersecurity News https://ift.tt/7UQTWd6

Balancing consumer expectations and fraud prevention

With the right tools and processes in place, businesses can provide consumers with a secure digital experience while mitigating fraud risks.



from Cybersecurity News https://ift.tt/IFvcepu

$4.35 Million — The average cost of a data breach

Discover five steps to boost data breach and cyberattack incident response.



from Cybersecurity News https://ift.tt/5vuwfit

Friday, 14 October 2022

4 things CISOs need to know about software supply chain security

Cybersecurity leadership needs to understand the security challenges of open source code to tackle software supply chain security threats.



from Cybersecurity News https://ift.tt/nhN5JDs

What organizations need to know about the new CPRA legislation

Everything you need to know about the California Privacy Rights Act (CPRA), including three ways to ensure compliance and consumer privacy.



from Cybersecurity News https://ift.tt/DyoTdnH

Fostering diversity in cybersecurity

The cybersecurity industry could benefit significantly from diversifying its workforce, and when recruiting talent, it is critical that businesses strategically approach the onboarding process. 



from Cybersecurity News https://ift.tt/XWpTfFw

The weaponization of social media

We cannot afford for social media to continue being an insider threat blind spot. The fallout from not properly managing and mitigating digital risk can result in irreparable damage to both individuals and organizations alike. 



from Cybersecurity News https://ift.tt/0baCZ9N

Thursday, 13 October 2022

The way forward for Kubernetes security: Eliminate standing privileges

The most successful model for Kubernetes security will be one built on zero trust, one that embraces ephemeral JIT privileges, strong secrets governance and ZSP. 



from Cybersecurity News https://ift.tt/xSdT2Gc

Dark data: The underestimated cybersecurity threat

Enterprise organizations are concerned with the cybersecurity threat of dark data, according to a recent security report, "Understanding Risk: The Dark Side of Data" from Donnelley Financial Solutions.



from Cybersecurity News https://ift.tt/WhNOVyL

60% of SMBs experienced a cyberattack in the last year

Nearly two-thirds of small to mid-sized businesses experienced a cyberattack in the last 12 months, according to cybersecurity research from Devolutions.



from Cybersecurity News https://ift.tt/hWq7GKA

Wednesday, 12 October 2022

US critical infrastructure, airports targeted by pro-Russia hackers

A number of U.S. airport websites were temporarily taken offline after three pro-Russia cybercrime groups announced a wave of DDoS attacks targeting U.S. critical infrastructure.



from Cybersecurity News https://ift.tt/Xz7cp5s

Data breach prevention ranked top global cybersecurity priority

Cybersecurity leaders ranked data breach prevention and ransomware defense among their top security priorities, according to a WithSecure survey.

from Cybersecurity News https://ift.tt/pAxi8n5

Todd Dekkinga named Chief Information Security Officer at Zluri

Todd Dekkinga has been named Chief Information Security Officer (CISO) at Zluri, an enterprise Software as a Service (SaaS) management provider.



from Cybersecurity News https://ift.tt/YgmBnwp

Tuesday, 11 October 2022

Video wall technology aids SOC collaboration & efficiency

Legato Security integrated their video wall technology into their security operations center (SOC) to improve incident response and data visualization with a solution from Haivision.



from Cybersecurity News https://ift.tt/7MdI0eY

John Carlin named cybersecurity & data protection co-head at Paul, Weiss

National security and cybersecurity lawyer John P. Carlin has been named the new Co-Head of the Cybersecurity & Data Protection practice and as a Partner in Litigation at Paul, Weiss.



from Cybersecurity News https://ift.tt/H8yxmM2

Vasu Kohli named CISO at Iterable

Vasu Kohli, who has led Iterable’s Security organization for the past ten months, has been promoted to Chief Information Security Officer (CISO).



from Cybersecurity News https://ift.tt/DXHrLuk

It’s time to talk about securing your innovation supply chain

Security leaders need to embrace strategies that can provide end-to-end visibility with open access to data across the entire innovation supply chain.



from Cybersecurity News https://ift.tt/UCYdZ4W

Reduce human error cyberattacks with security training & partnerships

Organizations can close the cybersecurity skills gap and reduce cyber risk by working with external partners, such as managed service providers.



from Cybersecurity News https://ift.tt/axVsiCG

Monday, 10 October 2022

Vulnerability exploitation is top initial access vector for ransomware

The 2022 State of the Threat Report from Secureworks identified software vulnerabilities as the primary initial access vector for ransomware.




from Cybersecurity News https://ift.tt/w03DM5m

Friday, 7 October 2022

Mona Harrington named Asst Director at CISA's National Risk Management Center

Cybersecurity executive Mona Harrington has been promoted to the Assistant Director role at the National Risk Management Center (NRMC), a division of CISA.



from Cybersecurity News https://ift.tt/mRHphWU

Randall Magiera named Director of Information Security at LucidLink

Dr. Randall Magiera has been named Director of Information Security and Privacy at LucidLink, where he will scale risk assessment, compliance and more cyber efforts.



from Cybersecurity News https://ift.tt/nTGSjvU

Thursday, 6 October 2022

5 questions CISOs should ask when evaluating cyber resiliency

What are the top five questions chief information security officers (CISOs) should ask when it comes to evaluating and improving cybersecurity resiliency?



from Cybersecurity News https://ift.tt/xdKzE5e

5 tips for cybersecurity insurance compliance

Organizations must meet compliance requirements in order to qualify for cyber insurance or reduce their insurance costs and cyber risk.



from Cybersecurity News https://ift.tt/ATRDFUa

Wednesday, 5 October 2022

Google to pay $85M settlement for privacy violations in Arizona

Google will pay an $85 million settlement to the State of Arizona for violating the state's Consumer Fraud Act with its location tracking feature.



from Cybersecurity News https://ift.tt/cPzFxrQ

Beware of chat apps: Your security and brand reputation are on the line

Customer data is not the only thing on the line, as fraudsters utilize chat apps for scams. Businesses’ reputations are at risk too.



from Cybersecurity News https://ift.tt/n6jCfPF

Monday, 3 October 2022

How COVID-19 has made small businesses more vulnerable to cyberattacks

The COVID-19 pandemic accelerated e-commerce initiatives for small businesses, but it also catalyzed increased cyberattacks and cybersecurity challenges.



from Cybersecurity News https://ift.tt/yD4Zsr8

Are small businesses prepared to defend against cyberattacks?

A survey from Nationwide identified weaknesses in small business cybersecurity posture, including a lack of employee cyber awareness and training.



from Cybersecurity News https://ift.tt/f4U5NBp

Data privacy is a challenge. Tech leaders have the solution

Data privacy has grown so complex that it demands a technological solution, and it falls on cybersecurity and technology leaders to transform the way their organizations use data.



from Cybersecurity News https://ift.tt/i39gyan

Security executives identify authentication challenges

Identity and access management challenges facing organizations include disparate authentication practices, compliance and more, according to an Axiad survey.



from Cybersecurity News https://ift.tt/926FRNg

Password month? How we can make CSAM work for everyone

The security community needs Cybersecurity Awareness Month, but we need to do it better in order to advance the mission of keeping people safe online.



from Cybersecurity News https://ift.tt/d93o0Hm

Friday, 30 September 2022

Hacker groups assist Iranian protestors

Several hacker groups are assisting protestors in Iran using Telegram, Signal and other tools to bypass government censorship.



from Cybersecurity News https://ift.tt/mnSEpku

Security magazine opens up nominations for Top Cybersecurity Leaders

Security magazine has once again opened up nominations for the annual Top Cybersecurity Leaders program. 



from Cybersecurity News https://ift.tt/7TEDoIY

Thursday, 29 September 2022

Quantifying the risk of cybersecurity

Chief information security officers (CISOs) can help the C-suite and their organization understand the importance of quantifying cybersecurity risk.



from Cybersecurity News https://ift.tt/rE5iyP7

Privacy and data protection in the wake of Dobbs

What do data protection and privacy mean for reproductive rights in the wake of Roe v. Wade being overturned by the Supreme Court?




from Cybersecurity News https://ift.tt/Fi641Lr

Attacker infiltrates Fast Company's systems

Fast Company suffered an internal breach that led to the defacement of the company’s main news site.



from Cybersecurity News https://ift.tt/pdAEL51

Mitigating brand impersonation cyberattacks

Brand impersonation attacks are a real and imminent threat across the cybersecurity landscape. Security sits down with Mimecast's Amber Johanson to discuss this cyber threat.



from Cybersecurity News https://ift.tt/FqMdcE0

81% of organizations suffered a cloud security incident last year

As cloud adoption expands, so do cloud security challenges, with 81% of organizations suffering a cloud-related security incident according to Venafi research.



from Cybersecurity News https://ift.tt/8yshOE7

Wednesday, 28 September 2022

Optus attackers publish and then delete data

An alleged attacker, seeking a ransom payment from Optus in exchange for millions of customer records, published 10,000 records online before retracting the threat and deleting all demands.



from Cybersecurity News https://ift.tt/zhMgu2n

Open source software security act introduced

Legislation seeking to address open source software security risks in the federal government has been introduced.



from Cybersecurity News https://ift.tt/DVigQkj

Registration opens for New Jersey virtual cybersecurity conference

The 2022 New Jersey Cybersecurity Virtual Conference, hosted by Seton Hall University, aims to connect enterprise cybersecurity leaders with young professionals.



from Cybersecurity News https://ift.tt/ZoBrORQ

Initial access brokers: The new face of organized cybercrime

While there is no one-size-fits-all to security, here are some recommendations that organizations can use to reduce the threat of initial access brokers (IABs).



from Cybersecurity News https://ift.tt/tXYL4en

Tuesday, 27 September 2022

It’s time to prepare for the rise of hacktivism (and its side effects)

Hacktivism has played a role in the cyberspace around the Russian invasion of Ukraine, as nation-state cybercriminals and civilians hack with political motivation.



from Cybersecurity News https://ift.tt/DWo7zYO

New Mexico creates statewide Cybersecurity Planning Committee

New Mexico's state government has founded a Cybersecurity Planning Committee to address cyber threats and data privacy in its communities.



from Cybersecurity News https://ift.tt/8J2eI4N

5 reasons automation can't take over cybersecurity

It's inevitable that automation will play a role in cybersecurity strategies of the future, but it won't replace cyber operators in a security operations center (SOC).



from Cybersecurity News https://ift.tt/rQPtXuE

Monday, 26 September 2022

Deepfakes: When seeing is no longer believing

Deepfakes use artificial intelligence (AI) to impersonate voices, images and videos to spread misinformation, affecting government and enterprise security.



from Cybersecurity News https://ift.tt/bMyJ0ct

4 ways passwordless improves security

The journey to passwordless is not short, but there’s a clear cybersecurity roadmap to reach that goal.



from Cybersecurity News https://ift.tt/mzVZ72k

20 HBCUs establish cybersecurity leadership centers

20 historically Black colleges and universities (HBCUs) are establishing Cybersecurity Leadership Centers in partnership with IBM to address staffing shortages.



from Cybersecurity News https://ift.tt/YhLtIvd

Friday, 23 September 2022

The future of cybersecurity spotlighted at SECURITY 500 Conference

In a panel titled "The Future of Cybersecurity" at the SECURITY 500 Conference, security executives will discuss enterprise cybersecurity and evolving cyber threats.



from Cybersecurity News https://ift.tt/LIMDaug

New security vulnerability in Oracle Cloud Infrastructure discovered

A security vulnerability in Oracle Cloud Infrastructure (OCI) could have allowed unauthorized access to cloud storage volumes of all users, according to Wiz cybersecurity researchers.



from Cybersecurity News https://ift.tt/3cFahvt

Damiano Tulipani named CISO at Provident Bank

Damiano Tulipani has been named the new Senior Vice President, Chief Information Security Officer (CISO) at New Jersey-based Provident Bank.



from Cybersecurity News https://ift.tt/3Nf8ihR

The value of an adversary-focused approach to cybersecurity

Adversary attribution enables security professionals to understand the “who, how and why” behind the cyberattacks potentially targeting their business.



from Cybersecurity News https://ift.tt/ZYRwKVI

Thursday, 22 September 2022

CYBER.ORG expands CISA-funded HBCU feeder program

With the support of the Cybersecurity and Infrastructure Security Agency (CISA), CYBER.ORG is expanding Project REACH to train a diverse body of K-12 students for future cybersecurity careers. 



from Cybersecurity News https://ift.tt/1nCeO5Z

Wednesday, 21 September 2022

Social media account takeovers increased over 1000% in 2021

The 2022 Consumer Impact Report from the Identity Theft Resource Center (ITRC) identified an over 1,000% increase in social media account takeovers in 2021.



from Cybersecurity News https://ift.tt/hOUnLu4

American Airlines suffers data breach

American Airlines has confirmed that a data breach has affected a "very small number" of customers and employees. 



from Cybersecurity News https://ift.tt/6wiSWFM

Best practices to bolster software supply chain security

The latest edition of the annual Building Security In Maturity Model (BSIMM) report highlights four evolving trends among organizations’ software security initiatives. 



from Cybersecurity News https://ift.tt/yWBzYbZ

CISOs should prioritize securing business innovation

Rich Foltak, Chief Information Security Officer (CISO) at Dito, discusses cybersecurity as a business enabler in the latest Security podcast episode.



from Cybersecurity News https://ift.tt/52BvLQo

Security lessons to learn after the Uber data breach

As the dust settles around Uber’s recent data breach, the internet will likely begin to point fingers at those who they deem responsible for the attack.



from Cybersecurity News https://ift.tt/w9Fs4WR

Tuesday, 20 September 2022

Overcoming the cybersecurity talent shortage starts with hiring

Cybersecurity leadership and human resources (HR) teams need to collaborate to close the cyber talent gap.




from Cybersecurity News https://ift.tt/rMjxswl

Theresa Payton joins Conceal Board of Advisors

Former U.S. White House Chief Information Officer (CIO) Theresa Payton has joined Conceal's Board of Advisors.



from Cybersecurity News https://ift.tt/0yWLdJB

Craig Burland named CISO at Inversion6

Cybersecurity leader Craig Burland joins Inversion6, a cybersecurity IT company, with more than two decades of industry experience.




from Cybersecurity News https://ift.tt/ar5to2e

The keys to data resilience: Hindsight, foresight and preparing for the unexpected

Is your disaster recovery system impervious to major disasters that take out the infrastructure you rely on to deliver service?



from Cybersecurity News https://ift.tt/gk6pQuB

Monday, 19 September 2022

Bouncing back after a cyberattack: A cyber resilience checklist

Cyber resilience is more than just a new way of talking about disaster recovery and business continuity. Here's a checklist you can use to identify blind spots and security gaps to improve cyber resilience across the organization.



from Cybersecurity News https://ift.tt/J7kGZ8b

The benefits of digital trust

Only 66% of cyber professionals say their organization prioritizes digital trust at a sufficient level, despite the devastating repercussions associated with a breach of digital trust, according to ISACA's new report.



from Cybersecurity News https://ift.tt/sjZCAH2

The last line of defense against data exfiltration

There is no such thing as a “last line of defense” when it comes to security solutions. Instead, enterprise security needs to focus on detecting and mitigating data exfiltration.



from Cybersecurity News https://ift.tt/2pUqsCZ

Friday, 16 September 2022

Uber is investigating cybersecurity & data breach incident

Uber Technologies has suffered a cybersecurity incident that has impacted internal communications and engineering systems, the company confirmed. 



from Cybersecurity News https://ift.tt/xFOgs8z

5 FBI recommendations for medical device cybersecurity

The Federal Bureau of Investigation (FBI) has issued guidance for healthcare security leaders to protect medical devices from cyberattacks.



from Cybersecurity News https://ift.tt/wORHvU9

Thursday, 15 September 2022

Wallace Dalrymple named CSO at standardized testing nonprofit ETS

Wallace Dalrymple has been named the first Chief Security Officer (CSO) at Educational Testing Service (ETS), a standardized testing nonprofit.



from Cybersecurity News https://ift.tt/gu0sMm8

Federal cybersecurity laws can improve private sector security

The private sector can use the latest cybersecurity legislation as the roadmap for improving their security and digital infrastructure.




from Cybersecurity News https://ift.tt/L0vntiK

How SOCs distribute cybersecurity alerts to avoid burnout

Discover three ways security operations centers (SOCs) can distribute cybersecurity alerts to avoid security employee burnout.



from Cybersecurity News https://ift.tt/oGuBtq8

Wednesday, 14 September 2022

4 ways organizations fail to address cybersecurity risk

Security leaders say their organizations are failing to manage cyber risk. The 2022 Security Priorities Study, released by Foundry (formerly IDG Communications), explores how.



from Cybersecurity News https://ift.tt/qfHTkAM

Tuesday, 13 September 2022

Why is healthcare a top target for cybersecurity threats?

Healthcare organizations have been targeted by ransomware due to numerous factors, including theft of valuable health data and inadequate security.



from Cybersecurity News https://ift.tt/FWxG9VX

Monday, 12 September 2022

How has COVID-19 affected cybersecurity?

The Information Security Maturity Report 2022 from ClubCISO powered by Telstra Purple identified how organizational cybersecurity has shifted during the COVID-19 pandemic.



from Cybersecurity News https://ift.tt/Vr0BuzS

Friday, 9 September 2022

77% of retail organizations targeted by ransomware in 2021

Retail organizations faced higher rates of ransomware attacks than most other sectors, ranking second globally, according to the Sophos report "The State of Ransomware in Retail 2022."



from Cybersecurity News https://ift.tt/N7p6kZz

Why cybersecurity should be your physical security priority

Too often, chief security officers (CSOs) look at their role through two separate lenses: physical security and cybersecurity. But if you silo an organization’s cybersecurity and physical security, it only creates more risk.



from Cybersecurity News https://ift.tt/NbHQlgS

Thursday, 8 September 2022

Intercontinental Hotels Group cyberattack disrupts business operations

Holiday Inn owner Intercontinental Hotels Group (IHG) has confirmed that a cyberattack has hit the company and disrupted operations. 



from Cybersecurity News https://ift.tt/LXZv7Mx

Data breach exposes records of 2.5 million student loan borrowers

A data breach of Nelnet Servicing (Nelnet) affected over 2.5 million student loan borrowers from Edfinancial Services and the Oklahoma Student Loan Authority (OSLA).



from Cybersecurity News https://ift.tt/tsHv3NE

National Insider Threat Awareness Month 2022

September is National Insider Threat Awareness Month, which emphasizes the importance of detecting, deterring and mitigating insider risk.



from Cybersecurity News https://ift.tt/YLQHISO

Cloud cybersecurity necessitates automation

Maintaining a secure cloud infrastructure requires cybersecurity teams to automate at a pace similar to that of DevOps and take a proactive approach to risk.



from Cybersecurity News https://ift.tt/GRwh7n0

Wednesday, 7 September 2022

Emilio Valente named CISO at UC Santa Barbara

Cybersecurity executive Emilio Valente has been named Chief Information Security Officer (CISO) at the University of California Santa Barbara.



from Cybersecurity News https://ift.tt/ZhTxlLQ

Cyber insurance needs an industry-wide security standard

As the cyber insurance industry continues to evolve, an industry-standard security framework will serve as a critical guiding light for companies and insurance providers.



from Cybersecurity News https://ift.tt/i95djya

Tuesday, 6 September 2022

How can companies keep up with social engineering attacks?

Social engineering exploits human interactions to gain personal information and login credentials. Enterprises can protect networks from these cyberattacks.



from Cybersecurity News https://ift.tt/69cEtNU

After cyberattacks, Finland to award companies cybersecurity grants

After a cyberattack on the Parliament of Finland, the country will provide cybersecurity funding to businesses to improve cyber defense programs.




from Cybersecurity News https://ift.tt/BYuAVOI

San Francisco 49ers data breach affects 20k individuals

The San Francisco 49ers are mailing notification letters confirming a data breach that affects over 20,000 individuals.



from Cybersecurity News https://ift.tt/GEZjsTv

3 ways to fight cloud sprawl

Cloud sprawl is one of the top security threats organizations face today. What are some of the best strategies to fight cloud sprawl? 



from Cybersecurity News https://ift.tt/c1O5zQT

Friday, 2 September 2022

Sephora gets $1.2m fine for CCPA data privacy violation

Sephora is the first company to be publicly fined for violating California’s Consumer Privacy Act (CCPA).



from Cybersecurity News https://ift.tt/ajigwhD

Cybersecurity guideline for testing of Internet of Things security products

AMTSO has published its first Guidelines for Testing of IoT Security Products to provide guidance for independent benchmarking and certification of IoT security solutions.



from Cybersecurity News https://ift.tt/6C0it8p

Faith Roy named Deputy CISO at US Department of Veterans Affairs

Faith Roy has been named Deputy Chief Information Security Officer (CISO) at the U.S. Department of Veterans Affairs.



from Cybersecurity News https://ift.tt/Inx9qrd

CYBER.org & NAF partnership expands cyber literacy for high schools

NAF and CYBER.ORG have partnered to expand cybersecurity literacy in high school classrooms across the country. 



from Cybersecurity News https://ift.tt/fW07yFa

Thursday, 1 September 2022

Artificial intelligence operations must involve ethical & responsible frameworks

For companies using artificial intelligence-powered security technology, protecting users is not only ethical, but it also makes business sense. 



from Cybersecurity News https://ift.tt/ZKoL4rf

Wednesday, 31 August 2022

Cybersecurity ranked most serious enterprise risk in 2022

A survey of more than 700 U.S. executives by PricewaterhouseCoopers (PwC) identified top enterprise security and business risks observed in 2022.



from Cybersecurity News https://ift.tt/WSBVxiY

What do the Trickbot leaks reveal about Russian cybercrime?

Listen to the latest Cybersecurity & Geopolitical Podcast episode with Ian Thornton-Trump, Philip Ingram, MBE, and Joe Wrieden on the Trickbot leaks.



from Cybersecurity News https://ift.tt/iImAdMa

Registration open for CISA virtual summit on K-12 school safety

K-12 safety leaders and other school stakeholders can register for the Cybersecurity and Infrastructure Security Agency (CISA)'s 2022 National Summit on K-12 School Safety and Security.



from Cybersecurity News https://ift.tt/q9Ry5kn

Tuesday, 30 August 2022

SIA announces Women in Security Forum scholarship recipients

Seven women from across the security field have received scholarships from the 2022 SIA Women in Security Forum to further educational opportunities and promote career advancement.



from Cybersecurity News https://ift.tt/XPs9Ofo

Public cloud data security blind spots

Many organizations lack visibility into unauthorized public cloud data access, according to a new Laminar survey.



from Cybersecurity News https://ift.tt/BKqzYlg

What cybersecurity measures do CISOs outsource?

Cybersecurity leaders can outsource security to increase their cyberattack readiness. U.S. chief information security officers (CISOs) share their priorities and what they delegate.



from Cybersecurity News https://ift.tt/jHyfGUF

5 minutes with David Mahdi — Establishing digital trust with identity-first security

Security magazine sits down with David Mahdi, Chief Strategy Officer and Chief Information Security Officer (CISO) Advisor at Sectigo, to discuss why enterprise security leaders must establish digital trust.



from Cybersecurity News https://ift.tt/UNwQAn1

Monday, 29 August 2022

4 CISO strategies for banks combatting business email compromise

Chip Gibbons, Chief Information Security Officer (CISO) at Thrive Network, shares tips for bank security leaders combatting phishing and business email compromise.



from Cyber Security News https://ift.tt/whf5DQE

342m medical records breached since 2009

Medical organizations in the United States have suffered nearly 5,000 data breaches that account for 342 million medical records, according to Comparitech research. 



from Cyber Security News https://ift.tt/GhlkyXs

Convergence is the answer for a defense-in-depth approach

Instead of having 40+ different security products, organizations need to rethink their security approach. Converging cybersecurity tools may be the answer.



from Cyber Security News https://ift.tt/epSgCNP

Friday, 26 August 2022

Elizabeth Wharton named Cybersecurity or Privacy Woman Law Professional for 2022

Elizabeth Wharton, Vice President of Operations at SCYTHE, was honored with the Cybersecurity or Privacy Woman Law Professional of the Year for 2022 by the United Cybersecurity Alliance. 



from Cyber Security News https://ift.tt/LgYushq

Twilio cyberattackers hit over 130 companies using the same phishing campaign

The threat actors responsible for several recent cyberattacks, including Twilio, MailChimp and Klaviyo, compromised more than 130 companies, using the same phishing campaign. 



from Cyber Security News https://ift.tt/EQdaH7r

Increasing cybersecurity awareness in critical infrastructure

Critical infrastructure remains a target for cyberattacks. Security awareness training is critical to preventing business disruptions in the sector.



from Cyber Security News https://ift.tt/MARwhsb

Thursday, 25 August 2022

The business effects of nation-state cyberattacks

Machine identities have been used in recent nation-state cyberattacks, according to a study of enterprise security leaders from Venafi.



from Cyber Security News https://ift.tt/bQm5ZJv

Twitter lacks cybersecurity & data privacy best practices, says ex-security chief

Peiter “Mudge” Zatko, former head of security at Twitter, has accused Twitter of “extreme, egregious deficiencies” in its spam and hacker-fighting practices.



from Cyber Security News https://ift.tt/6BU0JEG

4 key areas cybersecurity leaders should focus on

What are four critical areas every cybersecurity leader should invest in to help set their information security team up for success?



from Cyber Security News https://ift.tt/VDZ1xW5

Wednesday, 24 August 2022

(ISC)²: Cyber professionals want remote work

The most satisfied cybersecurity professionals are those who choose where to work, according to a new (ISC)² member poll.



from Cyber Security News https://ift.tt/pNFQdG8

California ADCA bill aims to increase children’s data privacy

The California Age-Appropriate Design Code Act (ADCA) is under consideration in the state. The bill would increase data privacy regulations for users under 18.



from Cyber Security News https://ift.tt/EN6l9Uc

Geopolitics & cybersecurity are intrinsically linked. Cyber strategies must shift

Due to the geopolitical landscape, organizations must adopt cybersecurity risk management supported by a risk-aware culture and security technologies.



from Cyber Security News https://ift.tt/Ftirw0Q

Best practices for cryptocurrency fraud investigations

Matt Price, Head of Intelligence and Investigations, Americas at Binance, talks about using digital forensics to investigate cryptocurrency fraud and financial crimes in this podcast episode.



from Cyber Security News https://ift.tt/nS7BHLq

Tuesday, 23 August 2022

Matt Mullenix named Bowman's EVP, Chief Information Officer, Chief Information Security Officer

As Bowman’s CIO and CISO, Matt Mullenix will oversee the people, processes and technologies within the company’s IT/cybersecurity organization.



from Cyber Security News https://ift.tt/hAJtHnd

Monday, 22 August 2022

3 steps to securing healthcare networks

Healthcare cybersecurity teams can improve their network security with a three-point plan focused on prevention, detection and vigilance.



from Cyber Security News https://ift.tt/GVeDyaA

A national data privacy law might arrive sooner than expected

For those of us waiting for a national data privacy law, there’s good news. The American Data Privacy and Protection Act (ADPPA) has already made it further than any other federal privacy law and faster than many expected.



from Cyber Security News https://ift.tt/b1NAOC2

67% of organizations had identity-related data breaches last year

The “Identity Data Management: Roadblock or Business Enabler” report by Gartner Peer Insights and Radiant Logic found that two-thirds of organizations have experienced identity-related data breaches.



from Cyber Security News https://ift.tt/mISBbW0

Friday, 19 August 2022

Apple warns of cybersecurity vulnerabilities affecting millions of devices

Apple has disclosed security vulnerabilities affecting iPhones, Macs and iPads and released cybersecurity software updates for affected devices.



from Cyber Security News https://ift.tt/qk6cj3C

Thursday, 18 August 2022

Energy department makes $45m investment in cybersecurity

The U.S. Department of Energy will allocate $45 million to protect the electric grid from cyberattacks.



from Cyber Security News https://ift.tt/HLUsIfp

Cloud attacks on the supply chain are a huge concern

Organizations are concerned about third-party security breaches, with 48% concerned about potential data loss as a result of such risks, according to Proofpoint.




from Cyber Security News https://ift.tt/ygs3bPO

Meta releases election security plan ahead of 2022 midterms

After concerns about misinformation spread via social media affecting the 2020 presidential election, Meta details their policies for voting information ahead of the 2022 U.S. midterm elections.



from Cyber Security News https://ift.tt/KZfdB8a

Key questions to ask when building a cloud security strategy

Data privacy and security, a lack of in-house cybersecurity expertise and controlling costs: what are some of the top cloud obstacles?



from Cyber Security News https://ift.tt/nM7A2hF

Getting ahead of certificate-related outages with automation and visibility

The State of Machine Identity Management report from Keyfactor examined the role of public key infrastructure (PKI) and machine identities in securing modern enterprises.



from Cyber Security News https://ift.tt/I1nCNcK

Wednesday, 17 August 2022

1044% increase in social media account hijacking

In 2021, the ITRC received the highest number of contacts in its history about identity crimes and requests for assistance to prevent identity misuse.



from Cyber Security News https://ift.tt/Emjv7aQ

Two-thirds of US businesses are targeted by security threats weekly

The “2022 Mid-Year Outlook State of Protective Intelligence Report” by the Ontic Center for Protective Intelligence surveyed risk management & security professionals to determine enterprise threat levels.



from Cyber Security News https://ift.tt/kia6RBs

Survey to explore gender diversity in Australian cybersecurity industry

A survey seeks to determine the gender diversity of the Australian cybersecurity sector and identify how to close the cyber skills gap.



from Cyber Security News https://ift.tt/IHDjMz6

MSP burnout and cybersecurity — fight fire with fire

As much as cybersecurity is emblematic of Managed Service Provider (MSP) burnout, it can also provide relief. Here are a few ways to fight fire with fire.



from Cyber Security News https://www.securitymagazine.com/articles/98184-msp-burnout-and-cybersecurity-fight-fire-with-fire

Tuesday, 16 August 2022

5 phases of zero trust in cloud adoption

Organizations looking to expand their cloud adoption can incorporate zero trust principles to manage identity and access across their network.



from Cyber Security News https://ift.tt/r5Xowz0

Key traits of security leaders in cyber resilience

Learn about four levels of cybersecurity resilience.



from Cyber Security News https://ift.tt/rOEUVQ4

Rising to the challenge of modern data security and growing privacy regulations

A master data management approach can help organizations prepare today for tomorrow's data privacy, compliance and regulatory challenges.



from Cyber Security News https://ift.tt/3eFJdms

USB cyberattacks pose a threat to manufacturing & industrial sector

The 2022 Honeywell Industrial Cybersecurity USB Threat Report found elevated threat levels regarding USB-borne cyberattacks on the industrial sector.



from Cyber Security News https://ift.tt/JwQcELx

Monday, 15 August 2022

6 areas to watch in the Software Bill of Materials evolution

Software Bills of Materials (SBOMs) are a critical tool in protecting enterprise and government organizations from software supply chain security threats.



from Cyber Security News https://ift.tt/As5Popt

SOVA, Android Banking Trojan, returns

Researchers at Cleafy discovered a version of SOVA that appears to be targeting more than 200 mobile applications, including banking apps and crypto exchanges/wallets.



from Cyber Security News https://ift.tt/Auoz3rQ

Does cyber insurance cover ransomware payment demands?

The BlackBerry Cyber Insurance Coverage study surveyed 450 information technology (IT) and cybersecurity decision-makers about their cyber insurance coverage and ransomware protection levels.



from Cyber Security News https://ift.tt/ymOcFGV

For stronger cybersecurity in the remote work era, just say ‘SASE’

Is your organization a good candidate for Secure Access Service Edge (SASE)? Here are six indicators that suggest it could be.



from Cyber Security News https://ift.tt/g4RDcx3

Friday, 12 August 2022

Cybersecurity lessons from the red team: How to prevent a data breach

Default security configurations, weak passwords and human error are the top vectors for cyberattackers targeting enterprise networks. Penetration testers share how to avoid these cyber risks.



from Cyber Security News https://ift.tt/rG7KS3j

Data security, surveillance practices to be examined by FTC

The Federal Trade Commission will be exploring rules to crack down on lax data security and harmful commercial surveillance. 



from Cyber Security News https://ift.tt/9VgwuUv

How to protect cybersecurity budgets

For chief information security officers (CISOs) and their organizations, the question is not if the cybersecurity budget should be cut. It's how much risk they are willing to take.



from Cyber Security News https://ift.tt/G6et7yZ

Why it pays to be an early adopter of cybersecurity technology

Chief information security officers (CISOs) must be early adopters and explore emerging cyber technology if they hope to keep ahead of cybercriminals.



from Cyber Security News https://ift.tt/rkmZClh

Avoid these employee monitoring blunders

Employee monitoring needs to be approached correctly. Too often, poorly constructed plans, bad communication and unreasonable expectations get in the way of a successful implementation. 



from Cyber Security News https://ift.tt/XvBEN9b

Thursday, 11 August 2022

Free toolkit of cybersecurity resources for election security

The Cybersecurity and Infrastructure Security Agency (CISA) released a catalog of free services and tools available for state and local election officials to improve the cybersecurity and resilience of their infrastructure.



from Cyber Security News https://ift.tt/i2KMw7g

The top identity-based attacks and how to stop them: Part 2

Let's explore two top identity-based attacks — phishing and third-party accounts — and ways organizations can implement cybersecurity best practices to defend against these.



from Cyber Security News https://ift.tt/yoCjtDS

Email cyberattacks increased 48% in first half of 2022

Email security threats are increasing, according to the H2 2022 Email Threat Report from Abnormal Security.



from Cyber Security News https://ift.tt/igMf1Rm

Austin Siders named CIO at the University of Southern Indiana

Austin Siders has been named Chief Information Officer (CIO) at the University of Southern Indiana, where he will lead tech and cybersecurity efforts.



from Cyber Security News https://ift.tt/zUP6Eo8

Wednesday, 10 August 2022

Christine Whichard promoted to CISO at SmartBear

Christine Whichard, new Chief Information Security Officer (CISO) at SmartBear, has been an instrumental leader in the company’s cybersecurity plans, including an overhaul of its Information Security program.



from Cyber Security News https://ift.tt/8Y9mIzG

AMA: Cybersecurity Leadership Edition — Meg West

Security sits down with Meg West, X-Force Cybersecurity Incident Response Consultant at IBM, to answer reader questions about enterprise cybersecurity insights, burnout and more in a new podcast episode.



from Cyber Security News https://ift.tt/eWzZ810

9 security threats in the metaverse

Let's examine nine different categories of threats against the metaverse and inside the metaverse, including cyber-physical crime, financial fraud, legal implications and more, according to Trend Micro.



from Cyber Security News https://ift.tt/o5ZI9Bj

The next evolution of cyber defense: Ransomware-proof object storage

To meet the security issues of today, organizations must now shift to object-based backup storage. 



from Cyber Security News https://ift.tt/IcUFkP5

Trust, transparency and reliability are keys to Web3 success

Web3 is coming — what will that mean for enterprise security? This blockchain-based version of the internet may present new cybersecurity challenges.



from Cyber Security News https://ift.tt/CFa2XSG

Tuesday, 9 August 2022

Hashed passwords exposed in Slack vulnerability

Office communication platform Slack has admitted to accidentally exposing the hashed passwords of some users. 



from Cyber Security News https://ift.tt/8zKAxVQ

Preventing email phishing attacks this summer with 3 defensive measures

3.4 billion phishing attacks are raining on us every day. With summer now upon us, it seems that everyone is on vacation. Here are three tips to get your business ready for phishing season.



from Cyber Security News https://ift.tt/UWsyeCp

Justin DePalmo named VP, CISO at GDIT

Cybersecurity executive Justin DePalmo has been named Vice President, Chief Information Security Officer (CISO) at General Dynamics Information Technology (GDIT).



from Cyber Security News https://ift.tt/BOpjy6h

Monday, 8 August 2022

Bot attacks target pharmaceutical industry to steal prescriptions

Cyber actors have used credential stuffing bot attacks to obtain and then resell pharmacy account details, giving unauthorized individuals access to prescription drugs.



from Cyber Security News https://ift.tt/oYIUaL5

Deepfakes, cyber extortion, API attacks and other emerging cyber threats

Amid pandemic disruptions, burnout and geopolitically motivated cyberattacks, what are the challenges faced by security teams? VMware's Global Incident Response Threat Report shines a light on emerging cyber threats.



from Cyber Security News https://ift.tt/buBAYqC

How employee upskilling can ease the cyber talent shortage

While the cyber industry has traditionally focused on recruitment, focusing on upskilling workers can help remedy the cybersecurity talent shortage.



from Cyber Security News https://ift.tt/blwvSLJ

The top identity-based attacks and how to stop them

What are the most prominent identity-based attacks and how are they carried out? And how can security teams leverage identity technologies to mitigate those attacks and reduce their organizational risk?



from Cyber Security News https://ift.tt/Nxef3mP

Friday, 5 August 2022

Top malware strains observed in 2021

The Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) have released an advisory on top malware strains in 2021.



from Cyber Security News https://ift.tt/JMAvkb6

$9 million research grant targets software supply chain security

North Carolina State University and three partners will research strategies for software supply chain security and building a diverse cyber workforce.



from Cyber Security News https://ift.tt/1aRpiz9

Annette Southgate named Director of Security at Cranfield University

Annette Southgate has been named Director of Security at Cranfield University, a U.K.-based technology, defense and security institution.



from Cyber Security News https://ift.tt/pw6Eyc5

The rise of phygital attacks on critical infrastructure — and how to stop them

The “phygital” attack, which bridges “physical” and “digital,” is a serious threat to critical infrastructure. What can chief security officers (CSOs), chief information security officers (CISOs), and other security personnel do to protect companies against them?



from Cyber Security News https://ift.tt/kq6o5gl

Thursday, 4 August 2022

Top 3 web attack vectors in the gaming industry

A new Akamai report reveals that cyberattacks on player accounts and gaming companies increased dramatically in the past year, with web application attacks doubling. 



from Cyber Security News https://ift.tt/re9YMqt

New Kaspersky security vulnerability identified

The Synopsys Cybersecurity Research Center (CyRC) team has identified a local privilege escalation vulnerability in Kaspersky VPN Secure Connection for Microsoft Windows.



from Cyber Security News https://ift.tt/leGq4YL

One-third of organizations experience weekly ransomware attacks

One-third of organizations experience at least one ransomware attack per week, with 9% of enterprises experiencing one daily, according to a report from Menlo Security.



from Cyber Security News https://ift.tt/k3WuDgO

4 key cybersecurity threat trends in 2023

What are some cybersecurity threat trends that will likely dominate the landscape in 2023 and beyond? A new Intel 471 report reveals threats organizations need to prepare for.



from Cyber Security News https://ift.tt/fnEZ7XH

Biometrics as a foundation of zero trust: How do we get there?

How can your organization implement a zero trust security model while safeguarding biometric data?



from Cyber Security News https://ift.tt/EUjskVW

Wednesday, 3 August 2022

Top 10 universities in US, UK & Australia failing on DMARC

The top universities in the United States, the United Kingdom and Australia are lagging on basic cybersecurity measures, according to new Proofpoint research.



from Cyber Security News https://ift.tt/t7X129v

NSF-funded research aims to improve equity in cybersecurity design

Researchers at the University of Florida and other collaborators are working to understand how inequity in tech and cybersecurity design affects marginalized populations.



from Cyber Security News https://ift.tt/90IJiVE

3207 apps are leaking Twitter API keys

Cybersecurity researchers at CloudSEK have uncovered a set of 3,207 mobile apps exposing Twitter API keys to the public.



from Cyber Security News https://ift.tt/9IYuhtG

The top 5 voice network vulnerabilities

Learn about the five main types of voice scams that can lead to data breaches, security vulnerabilities and loss of productivity for enterprise security.



from Cyber Security News https://ift.tt/THu5CZL

Identity management in a multi-cloud environment

Managing enterprise identities in a multi-cloud environment presents a challenge to cybersecurity leadership. Discover identity and access management (IAM) best practices here.



from Cyber Security News https://ift.tt/mNC8tQp

Tuesday, 2 August 2022

Michael Neuman named CISO at Backstop

Michael Neuman has been named the new Chief Information Security Officer (CISO) at Backstop Solutions Group.



from Cyber Security News https://ift.tt/Quih9X6

The cost of a data breach averages $15m

The overall average cost of a data breach is now $15.01 million, according to new Black Kite research. 



from Cyber Security News https://ift.tt/WjrdcsT

Telegram — the preferred method of anonymous communication among cybercriminals

Telegram has been growing in use among cybercriminals, Intel 471 found. 



from Cyber Security News https://ift.tt/1dkqori

The cybersecurity skills gap highlights the need for cyber-awareness training

With a significant cybersecurity skills gap and increasing cyberattacks, organizations need all the advantages they can get. A programmatic cyber-awareness training program is one such advantage.



from Cyber Security News https://ift.tt/JgUIzMe

Monday, 1 August 2022

Tenet Healthcare cyberattack cost $100 million

Tenet Healthcare reported it suffered a $100 million financial impact from a cyberattack, mostly caused by lost revenues and remediation costs.



from Cyber Security News https://ift.tt/ifeBhak

The new face of corporate espionage and what can be done about it

Learn about corporate espionage and three key steps security leaders and their companies should take to prevent data exfiltration and other insider threats.



from Cyber Security News https://ift.tt/hpX0OvE

Healthcare organizations must prepare for looming cybersecurity legislation

The Strengthening Cybersecurity in Medical Devices Act has been introduced in Congress — what ramifications will it have for healthcare security leaders?





from Cyber Security News https://ift.tt/DnVLB7o

Friday, 29 July 2022

Department of Justice investigates data breach of court records system

The U.S. Department of Justice is investigating a data breach that involves the federal court records management system. 



from Cyber Security News https://ift.tt/H8Yk3zp

Tomer Gershoni named Chief Security Officer at ZoomInfo

Long-time cybersecurity expert Tomer Gershoni will lead ZoomInfo's security team, overseeing physical and digital security and privacy efforts as its Chief Security Officer (CSO).



from Cyber Security News https://ift.tt/SuofHn6

5 steps CISOs can take to increase supply chain visibility

Here are a few ways chief information security officers (CISOs) can safeguard visibility while mitigating cybersecurity risks in the supply chains for physical goods.



from Cyber Security News https://ift.tt/gvCrXEJ

Darrin Reynolds named CISO at Edgio

Darrin Reynolds has been named the new Chief Information Security Officer (CISO) at Edgio.



from Cyber Security News https://ift.tt/ceWHoqG

Strategies for third-party risk management in healthcare

The Third-Party Vendor Risk Management in Healthcare report from the Cloud Security Alliance (CSA) provides an overview of the third-party vendor security risks healthcare organizations face.



from Cyber Security News https://ift.tt/ULPiO2T

Thursday, 28 July 2022

Carl Froggett joins Deep Instinct as Chief Information Officer

As Chief Information Officer at Deep Instinct, Carl Froggett will play a key role in enhancing the company's enterprise security and cybersecurity posture.



from Cyber Security News https://ift.tt/DiXLz2A

Dreading security risk assessments? 6 ways to make them better

The risk assessment process shouldn't be dreaded. Get ready to breathe easier with six steps to move toward a smoother risk assessment process and much tighter security. 




from Cyber Security News https://ift.tt/JWYUH0K

5 minutes with Brent Johnson — How data breaches will evolve in 2022

How can companies update their cybersecurity strategy in 2022 to prevent data compromise and stay away from a data breach? 



from Cyber Security News https://ift.tt/7JoDAj5

Rob Thompson named CIO at Wayne State University

Rob Thompson has been named as Wayne State University’s Chief Information Officer (CIO) and Associate Vice President for Computing and Information Technology (C&IT).



from Cyber Security News https://ift.tt/uGikDI5

Top 5 emerging enterprise risks in Q2 2022

The Q2 2022 Emerging Risks Report from Gartner surveyed 306 business and risk management executives to determine the latest risk trends affecting enterprises today, such as supply chain security, inflation and loss prevention.



from Cyber Security News https://ift.tt/dcRUgft

The drawbacks of facial recognition technology

In the latest The Security Podcasts episode, Tom Thimot, CEO of authID.ai, offers a unique perspective on the concerns raised around ID.me’s technology, where they went wrong with the IRS, and the drawbacks of facial recognition technology. 



from Cyber Security News https://ift.tt/DB4P51e

LinkedIn remains most-impersonated brand by phishing campaigns

The Q2 2022 Brand Phishing Report from Check Point Research (CPR) found that LinkedIn is the most-impersonated brand when it comes to phishing campaigns.



from Cyber Security News https://ift.tt/VELOMdR

Wednesday, 27 July 2022

NIST updates HIPAA cybersecurity guidance

For improved healthcare cybersecurity, NIST has released an updated draft of the HIPAA security rule guidance. 



from Cyber Security News https://ift.tt/oIscxNH

TSA updates cybersecurity requirements for pipeline owners and operators

The new TSA security directive takes a performance-based approach to enhancing cybersecurity for pipeline owners and operators. 



from Cyber Security News https://ift.tt/CadVF3Q

Digital risk management and compliance as a code

While businesses have taken risk management into the digital age, morphing governance, risk and compliance into digital risk management (DRM), many organizations missed one vital component of DRM: namely, compliance as a code.



from Cyber Security News https://ift.tt/L8vu1Tr

Does cybersecurity's 'blame culture' affect incident reporting?

A report from Gigamon explores the culture of blame in cybersecurity and its effect on incident reporting.



from Cyber Security News https://ift.tt/AtlPWqp

Tuesday, 26 July 2022

T-Mobile to pay $350m settlement for data breach

T-Mobile has agreed to pay $350 million to customers affected by a data breach, in an effort to settle a class action lawsuit. 



from Cyber Security News https://ift.tt/OvKYW2S

Identity security is a priority for IT security teams, but not understood by the C-suite

Despite good intentions, over 60% of companies have a long way to go to protect privileged identities and access, according to a Delinea report of IT security decision makers.



from Cyber Security News https://ift.tt/ONG2onf

Cybercriminals are using messaging apps to deliver malware

Cybercriminals have started to use messaging apps like Discord and Telegram to spread malware, according to Intel 471 security research. 



from Cyber Security News https://ift.tt/pXcwz1Y

What you don’t know about compliance can hurt you

When it comes to compliance and data privacy, ignorance is not bliss. Today’s businesses must be aware of the regulations that govern them or risk incurring significant, potentially crippling penalties.  



from Cyber Security News https://ift.tt/2OePCzl

60% of cybersecurity leaders not confident in their cloud security tactics

The Global Study on Zero Trust Security for the Cloud from Appgate, conducted by the Ponemon Institute, surveyed security professionals to examine cloud security and zero trust practices.



from Cyber Security News https://ift.tt/nRvHBVM

Malicious attacks are #1 cause of healthcare data breaches

The 2022 Mid-Year Horizon Report: The State of Cybersecurity in Healthcare from Fortified Health Security illustrates how healthcare providers, health plans and business associates need to bolster their security posture.



from Cyber Security News https://ift.tt/oDlIb7A

Cybercriminal dark web enterprises grow

"The Evolution of Cybercrime: Why the Dark Web is Supercharging the Threat Landscape and How to Fight Back" report from HP Wolf Security dives into the inner workings of the dark web.



from Cyber Security News https://ift.tt/rEQYhpn

Monday, 25 July 2022

Kelli Burns named SVP, CISO at Accolade

As Senior Vice President, Chief Information Security Officer at Accolade, Kelli Burns will lead the information security business unit and support the overall compliance and risk management function.



from Cyber Security News https://ift.tt/hZrUpD7

Proactive auditing — a key component to an offensive cybersecurity approach

As the number of cyberattacks rises, organizations must reconsider their approach to cybersecurity to be more proactive rather than reactive, which is why the adoption of proactive auditing, among a wider offensive cybersecurity approach, is so essential.



from Cyber Security News https://ift.tt/324qeBx

Friday, 22 July 2022

Minorities in Cybersecurity conference registration is open

The Minorities in Cybersecurity (MiC) Annual Conference will take place from March 28 to 30, 2023 at NYLO Las Colinas in Dallas, Texas.



from Cyber Security News https://ift.tt/XUAWayz

Thursday, 21 July 2022

North Korean state-sponsored ransomware thwarted

Two ransom payments made by U.S. healthcare providers were recovered by law enforcement and returned to victims, the Justice Department announced.



from Cyber Security News https://ift.tt/3KFhwcl

Hackers are using phishing emails from PayPal

Cyberattackers are now sending phishing emails from PayPal using social engineering, Avanan research reveals.





from Cyber Security News https://ift.tt/Z9pvirA

DHS purchases of cell phone location data raise privacy concerns

Files released to the ACLU by U.S. Customs and Border Protection (CBP) reveal widespread purchases of cell phone location data by the Department of Homeland Security (DHS).



from Cyber Security News https://ift.tt/02CXbi4

Ethiopian government introduces digital biometric IDs

The Ethiopian government is implementing a national identification program using biometrics to create digital IDs for its citizens.




from Cyber Security News https://ift.tt/HBQJtLk

Mikhail Lopushanski joins Heritage Bank as CISO

Mikhail Lopushanski, a risk management and IT auditing specialist, has joined Heritage Bank as the new Chief Information Security Officer (CISO).



from Cyber Security News https://ift.tt/GPIBWMt