Thursday, 31 March 2022

Les McMonagle named Chief Strategy Officer at Mage

Les McMonagle, a cybersecurity strategist, has been named Chief Strategy Officer at Mage, formerly MENTIS Inc.



from Cyber Security News https://ift.tt/15NnSve

Jeffrey Wheatman named Senior Vice President, Cyber Risk Evangelist at Black Kite

Jeffrey Wheatman has joined Black Kite as Senior Vice President, Cyber Risk Evangelist. He will work with users to strengthen their risk management and help mitigate cybersecurity and third-party risk.



from Cyber Security News https://ift.tt/aQdkvZH

Russia's air transport agency affected by cyberattacks

A cyberattack on the Russian Federal Air Transport Agency's (Rosaviatsia) infrastructure allegedly erased all documents, files, aircraft registration data and emails from the servers.



from Cyber Security News https://ift.tt/qHe0mzN

Reduce data breach risk on World Backup Day 2022

March 31st is World Backup Day. Cybersecurity leaders discuss the importance of backing up enterprise data to prevent data loss and reduce cyberattack effects.



from Cyber Security News https://ift.tt/IfJAucT

Wednesday, 30 March 2022

32% of world's largest enterprises suffer a CMS security breach every week

Nearly a third of the world’s largest business websites suffer a security and/or data breach every single week due to their content management systems (CMS), according to new Storyblok research.



from Cyber Security News https://ift.tt/M2O4JN6

Serious security vulnerabilities found in Wyze Cam devices

While looking into the Wyze Cam security devices, security researchers found several security vulnerabilities that let an outside attacker access the camera feed or execute malicious code to further compromise the device. 



from Cyber Security News https://ift.tt/rHBaqlY

3 reasons to reconsider automating cybersecurity

With the number of cyberattacks faced by enterprise organizations, security teams need to rely on artificial intelligence to mitigate risk. However, a fully automated approach to cybersecurity presents challenges as well.



from Cyber Security News https://ift.tt/LVE158X

Europol arrests 100+ individuals over multi-million call center scam

With the support of Europol, law enforcement agencies in Latvia and Lithuania detained over 100 people suspected of defrauding victims across the world in an international call center scam. 



from Cyber Security News https://ift.tt/vwhWFY5

Private mobile networks will fuel the 4th industrial revolution

Private mobile networks are a great candidate to solve the security challenges and the mobility problem that Industry 4.0, digital transformation and the Industrial Internet of Things (IIoT) bring.



from Cyber Security News https://ift.tt/GtTH7PX

Tuesday, 29 March 2022

Cyber leaders concerned about Russian critical infrastructure attacks

Cybersecurity nonprofit (ISC)2 released a poll outlining the top concerns of security leaders as the Russian invasion of Ukraine progresses.



from Cyber Security News https://ift.tt/VTEXpk8

Identity management conference to take place April 12

The Identity Defined Security Alliance (IDSA) will host the Identity Management Day Virtual Conference 2022 on April 12, 2022, aiming to increase awareness about identity management and cybersecurity.



from Cyber Security News https://ift.tt/fIzLjxD

1 in 4 employees who fell victim to cyberattacks lost their jobs

One in four employees lost their job in the last 12 months, after making a mistake that compromised their company’s security, according to new data by Tessian.



from Cyber Security News https://ift.tt/pNgTFjE

Mark Strosahl joins Penn Mutual as Chief Information Security Officer

Mark Strosahl has joined Penn Mutual Life Insurance Company as Chief Information Security Officer (CISO). Strosahl has over 14 years of financial services industry experience leading information technology and information security functions. 



from Cyber Security News https://ift.tt/V5SBz1k

Ukraine's national telecoms operator suffers cyberattack

Ukrtelecom, a major mobile service and internet provider in Ukraine, was hit by a cyberattack. 



from Cyber Security News https://ift.tt/nzy7Upl

Cyber competition trains future security talent

Hack the Port 22 allowed students interested in hacking and cybersecurity to hone their skills in cyber competitions and learn from industry and government cyber professionals.



from Cyber Security News https://ift.tt/5TrL2cZ

Can we close the gap between functional safety and cybersecurity in OT systems?

From misalignment in safety and cybersecurity regulations and standards to the increased risk of cyberattacks in functional safety systems as they become better connected, there is a need for security experts to expand and deepen collaboration to close the gap between functional safety and cybersecurity.



from Cyber Security News https://ift.tt/x8TnW4H

Monday, 28 March 2022

Federal deal will allow EU data to be collected in US

The United States and the European Commission have reached a deal in principle regarding the transfer and storage of European data on U.S. soil. Data privacy experts warn that the commitment may be too vague to maintain cybersecurity standards.



from Cyber Security News https://ift.tt/zquTWao

Social media sites most targeted by data breaches

A survey by ProtonVPN found that social media sites were the most common website type to suffer a data breach, followed by gaming and technology websites.



from Cyber Security News https://ift.tt/lzWHBMT

Thursday, 24 March 2022

The new problem in cybersecurity: Slaying the data dragon

For many years, the focus in cybersecurity has been on collecting data. But now, cybersecurity leaders are drowning in data, which is introducing a new type of risk to organizations. By increasing their data observability capabilities, organizations can improve performance, threat detection, incident response and other key processes.



from Cyber Security News https://ift.tt/goaeT75

Transforming data security teams from gatekeepers to enablers

With digital transformations, the goal is to transform data security teams from gatekeepers to enablers capable of performing at the speed of the cloud.



from Cyber Security News https://ift.tt/z8l39Jn

Could Russia launch a cyberattack on the US power grid?

As the Russian invasion of Ukraine continues, cybersecurity professionals are on the lookout for cyberattacks following the Kremlin's initial strategy of hacking the Ukrainian government.



from Cyber Security News https://ift.tt/ASFdlCD

Wednesday, 23 March 2022

Using zero trust to safely power the business ecosystem

Organizations are turning to zero trust access technologies to address security issues related to third-party risk.



from Cyber Security News https://ift.tt/HginzuD

Striving for diverse leadership in risk management

The latest Security podcast features Arti Lalwani, Risk Management and Privacy Knowledge Leader at A-LIGN, who discusses her career journey through auditing, risk and data privacy.



from Cyber Security News https://ift.tt/rbuZx30

What does the CPRA mean for US businesses?

Data privacy legislation has popped up across the United States, largely regulated by individual states. The California Privacy Rights Act (CPRA) has wide-reaching effects for U.S. enterprise organizations.



from Cyber Security News https://ift.tt/YFJlGtI

Tuesday, 22 March 2022

Security teams have too many assets to secure

Security teams have an unprecedented number of assets to inventory, manage and secure across a cloud-based organization, according to a new JupiterOne report. 



from Cyber Security News https://ift.tt/yh0qarF

IoT is magic for building automation systems. But what about security?

Organizations can improve their security profile by implementing a plan that includes best practices and rules for compliance along with the technology to implement it. 



from Cyber Security News https://ift.tt/oBYgpRq

Biden warns private sector to brace for Russian cyberattacks

The White House urged private organizations to bolster their cybersecurity defenses, as intelligence suggests Russia is exploring options for potential cyberattacks to target U.S. critical infrastructure.



from Cyber Security News https://ift.tt/Nr4bz2I

Cybersecurity firm Okta investigating possible data breach

Identity and access management company Okta is investigating a possible data breach after ransomware group Lapsus$ claimed to have hacked the company.



from Cyber Security News https://ift.tt/VsYhUw3

AvosLocker ransomware a threat to critical infrastructure

Ransomware as a service (RaaS) affiliate group AvosLocker has targeted a number of victims across multiple critical infrastructure sectors. Here are a few mitigation strategies organizations can implement. 



from Cyber Security News https://ift.tt/HGVRlyI

Learning from the past: Russia, Ukraine & the Middle East

Ian Thornton-Trump, Chief Information Security Officer (CISO) at Cyjax, and Philip Ingram, CEO of Grey Hare Media, take a closer look at the Russian invasion of Ukraine through the lens of conflict in the Middle East in the tenth episode of The Cybersecurity and Geopolitical Podcast.



from Cyber Security News https://ift.tt/kT6oYVA

Monday, 21 March 2022

Building the future-proof retail store with SASE

Retail security leaders play an important role regarding business continuity. Incorporating SASE and SD-WAN can help businesses stay resilient in a changing retail environment.



from Cyber Security News https://ift.tt/y1udpc2

Data privacy in 2022: Four recommendations for businesses and consumers

There isn’t a silver bullet to consumer data privacy; different organizations are at different stages of privacy maturity. However, there are four steps organizations can take to advance their data privacy program maturity.  



from Cyber Security News https://ift.tt/eOuPYHF

Top 4 obstacles to K-12 cybersecurity

K-12 school administrators and cybersecurity leaders outlined their top four challenges to securing their educational institutions in the "Creating a Common Culture of Action Around Cybersecurity: 2021 National K-12 Education Cybersecurity Report" from iboss.



from Cyber Security News https://ift.tt/M6cpzq0

Top three attack trends in API security

A new Cequence Security API Security Threat Report: Bots and Automated Attacks Explode revealed three attack trends in API security.



from Cyber Security News https://ift.tt/xhWBnJc

How to create a security-first culture

When it comes to building a security-first culture, a layered approach that takes physical security, security solutions and training into consideration is best. 



from Cyber Security News https://ift.tt/DiQ2pUw

Friday, 18 March 2022

Russian hackers exploit MFA and PrintNightmare security vulnerability in NGO breach

Russian state-sponsored cyberattackers gained network access to a non-governmental organization by exploiting default multi-factor authentication (MFA) protocols and PrintNightmare, a known security vulnerability. 



from Cyber Security News https://ift.tt/ItXRG6U

Mobile zero-day security vulnerabilities, phishing attacks continue to rise

For teams looking to respond to evolving mobile security threats, the Zimperium 2022 Global Mobile Threat Report offers some insights. 



from Cyber Security News https://ift.tt/LmkBsP4

Cryptocurrency scams pose as Ukraine aid organizations

Cybercriminals have begun to leverage the Russian invasion of Ukraine to target phishing victims by posing as legitimate aid organizations.



from Cyber Security News https://ift.tt/wDRayJz

Thursday, 17 March 2022

Meta fined $18.6 million for data breaches that violate GDPR

Meta has been fined $18.9 million by the Irish Data Protection Commission for Facebook’s 2018 data breaches that violate data security and privacy, according to the European Union’s General Data Protection Regulation (GDPR). 



from Cyber Security News https://ift.tt/EiADZxs

Sailaja Kotra-Turner appointed CISO at Brown-Forman

Sailaja Kotra-Turner has been named Chief Information Security Officer at Brown-Forman Corporation, a beverage and spirits firm.



from Cyber Security News https://ift.tt/8ZXcfFH

Rinki Sethi joins Bill.com as VP, Chief Information Security Officer

Rinki Sethi has joined Bill.com as Vice President and Chief Information Security Officer. Sethi will lead the risk management, global information security and technology functions and efforts, protecting 



from Cyber Security News https://ift.tt/L1Bv74M

Nominate the Most Influential People in Security

Nominate a security leader to be named one of Security magazine's 2022 Most Influential People in Security!



from Cyber Security News https://ift.tt/Lm7EBYW

What the Russian invasion of Ukraine means for cybersecurity

The cybersecurity threats posed by Russia have been top of mind since prior to the Russian invasion of Ukraine. From critical infrastructure shutdowns to ransomware, what implications does the conflict hold for cybersecurity?



from Cyber Security News https://ift.tt/wNSlp1y

Wednesday, 16 March 2022

SEC proposes cybersecurity risk management, incident disclosure rules for enterprises

The Securities and Exchange Commission (SEC) has proposed changes to standardize public companies’ disclosures regarding cybersecurity risk management, strategy, governance and incident reporting.



from Cyber Security News https://ift.tt/kPsAWtx

CISA hosts Cyber Storm exercise with 200+ organizations

CISA's Cyber Storm exercise simulates a significant cybersecurity incident impacting critical infrastructure to improve risk management, incident response planning, information sharing and cyber response activities. 



from Cyber Security News https://ift.tt/lbsmQEL

US ranked 3rd largest cyberattack target, following Russia & Ukraine

As of March 15th, the United States was ranked third when it comes to being the target of cyberattacks, with 7% of global cyber threats targeting users in the country. The U.S. ranks behind Russia and Ukraine.




from Cyber Security News https://ift.tt/OqK3vBQ

Four security protocols to protect the new normal, a hybrid steady state

There are four security protocols to consider when reviewing an enterprise's public cloud risk profile.



from Cyber Security News https://ift.tt/RS1Ck69

Tuesday, 15 March 2022

One-fifth of cybersecurity alerts are false positives

The 2022 Cloud Security Alert Fatigue Report from Orca Security found that 55% of cybersecurity teams have missed critical security alerts due to alert overload and ineffective security prioritization.



from Cyber Security News https://ift.tt/7gBVYnM

Avoid costly cybersecurity turnovers during March Madness

Don’t get too caught up in the excitement of March Madness. Cybercriminals will use social engineering, phishing, malware, ransomware and other cybersecurity strategies to wreak havoc. Boost security defenses now.



from Cyber Security News https://ift.tt/jS3rNtK

Protecting the enterprise from lateral movement attacks

Let’s look at lateral movement further and explore why it is important and how to minimize the impact of adversaries moving around your environment.



from Cyber Security News https://ift.tt/RBu8bqW

Monday, 14 March 2022

Critical infrastructure now required to report cyber incidents to CISA

Critical infrastructure operators are now required to report ransomware attacks, data breaches and other incidents to the Cybersecurity and Infrastructure Security Agency (CISA).



from Cyber Security News https://ift.tt/wBUCtKn

Top eight cybersecurity predictions for 2022

Let’s look at the eight predictions that are likely to have the biggest impact on networks in the coming year and why they are so important to prepare for.




from Cyber Security News https://ift.tt/S63G87X

Friday, 11 March 2022

Top 5 healthcare cybersecurity threats — and how to mitigate them

The 2021 Healthcare Data Breach Trend Report from Protected Harbor gives insight into evolving healthcare data breach patterns, predictive threats for 2022, and a playbook on how to increase information technology (IT) durability to stop future healthcare data attacks.




from Cyber Security News https://ift.tt/RfwKh1V

Listen to Josh Yavor, Tessian CISO, talk burnout among security teams and executives

Josh Yavor, Chief Information Security Officer (CISO) at Tessian, talks about the “leap-of-faith” decision he made four years ago that helped address his own feelings of burnout, and how CISOs can lead by example, setting boundaries and accountability at the C-suite level.



from Cyber Security News https://ift.tt/KAkDdHy

Thursday, 10 March 2022

CISA outlines top cybersecurity priorities for 2022

Cybersecurity and Infrastructure Security Agency (CISA) Executive Assistant Director for Cybersecurity Eric Goldstein outlined CISA's top cyber defense priorities, including defending against cyberattacks, zero trust and more.




from Cyber Security News https://ift.tt/tiLmcHo

A deep dive into China APT41's breach of six U.S. state governments

China-backed hacker group APT41 has breached six U.S. state governments, two of which were breached through the zero-day vulnerability Log4Shell.



from Cyber Security News https://ift.tt/qDvyPeB

SIA announces Women in Security Forum Power 100

The Security Industry Association (SIA)'s Women in Security Forum has released the inaugural Power 100 honoree list, which highlights 100 women advancing leadership and inclusion in the security industry.



from Cyber Security News https://ift.tt/yEgAUSD

What the IRS got wrong about biometrics

A robust communications plan touching on ethical concerns, user experience, education and transparency might help to dispel the public’s concerns about facial recognition.



from Cyber Security News https://ift.tt/koeQ0Ez

Microsoft finds FoxBlade malware in Ukrainian systems

Microsoft says it found FoxBlade, a new malware that targets digital infrastructure, hours before Russia began its invasion of Ukraine on February 24. 



from Cyber Security News https://ift.tt/jmDAcV7

Wednesday, 9 March 2022

4 steps to securing video conferencing platforms

Video conferencing platforms like Zoom, Cisco, Google and Microsoft have helped enable remote work — but they also present security challenges. An international consortium reviewed the state of video teleconferencing platforms and how cybersecurity leaders can ensure their safety.



from Cyber Security News https://ift.tt/IGpB5rg

Dan Dennis named SVP, Chief Information Security Officer at Hyland

Dan Dennis has been named Hyland's Senior Vice President and Chief Information Security Officer (CISO). 



from Cyber Security News https://ift.tt/Qi1gc9U

Samsung confirms data breach affecting source code

Consumer electronics company Samsung has confirmed a significant data breach.



from Cyber Security News https://ift.tt/7ayn5xW

Cybersecurity report identifies top 5 cybercrime rings

Cybersecurity professionals name Hafnium, DarkSide and others as their top concerns when it comes to cybercrime rings, according to the Immersive Labs Cyber Workforce Benchmark report.



from Cyber Security News https://ift.tt/17Kxoyd

Tuesday, 8 March 2022

Celebrate women security leaders on International Women's Day 2022!

Women in the physical security and cybersecurity industries talk about their careers and promoting diversity and inclusion on International Women's Day 2022.



from Cyber Security News https://ift.tt/LW6QTUk

Monday, 7 March 2022

Inside Security's March 2022 issue: Top Cybersecurity Leaders, COVID-19 lessons learned, risk management & more

Get ready: Security magazine's March 2022 issue is here! Inside, find the 2022 Top Cybersecurity Leaders special report, stories on COVID-19 security lessons learned, NGO and travel risk management, and much more!



from Cyber Security News https://ift.tt/B9EWam8

VPN demand spikes as Russia bans some social media

The Russian government has blocked Facebook and restricted content on Twitter amid its ongoing invasion of Ukraine. VPN services have risen in adoption since the ban.




from Cyber Security News https://ift.tt/ihLQcfP

50% of global cybersecurity firms host exposed databases

More than half of leading cybersecurity firms host at-risk databases, according to a new Reposify security report. 



from Cyber Security News https://ift.tt/ZE1WxSI

Friday, 4 March 2022

U.S. Senate passes cybersecurity bill amid warnings of Russian cyberattacks

Following warnings from DHS and CISA about potential Russian cyberattacks on U.S. organizations, the Senate has passed the Strengthening American Cybersecurity Act of 2022.



from Cyber Security News https://ift.tt/Jldn82Q

Nonprofit Cyber launches with mission to increase cybersecurity awareness

Several nonprofit cybersecurity organizations launched Nonprofit Cyber, a first-of-its-kind coalition of global nonprofit organizations to enhance joint action to improve cybersecurity. 



from Cyber Security News https://ift.tt/Ybg32pf

Survey aims to uncover the state of security convergence

A survey from the Security Executive Council (SEC)'s Security Leadership Research Institute (SLRI), in partnership with Kennesaw State University’s Coles College of Business, will research the current state of security convergence.



from Cyber Security News https://ift.tt/xgUfPwa

Thursday, 3 March 2022

Microsoft finds FoxBlade malware on Ukrainian systems

Microsoft says it found FoxBlade, a new malware that targets digital infrastructure, hours before Russia began its invasion of Ukraine on February 24. 



from Cyber Security News https://ift.tt/QfOrVn6

NVIDIA cyberattack affects employee, company information

American chipmaker NVIDIA was the victim of a ransomware attack.



from Cyber Security News https://ift.tt/yufswgS

Boise State University reduces rural cybersecurity risk

The Institute of Pervasive Cybersecurity at Boise State University has introduced its Cyberdome initiative in partnership with Stellar Cyber, which aims to reduce rural cyber risk and expand the cybersecurity workforce in Idaho.




from Cyber Security News https://ift.tt/RPa8JsQ

Cybercrime: A clear and present danger

Nine suggestions for defending your organization against cybercrime or cyberwarfare.



from Cyber Security News https://ift.tt/ltsNTW5

Wednesday, 2 March 2022

Don Pecha appointed Senior Director of Information Security at FNTS

Cybersecurity leader and former Chief Information Security Officer (CISO) Don Pecha has been named the Senior Director of Information Security at FNTS.



from Cyber Security News https://ift.tt/flhRVmb

API attacks increased 681% in the last 12 months

The majority (95%) of organizations have experienced an API security incident in the past 12 months, according to Salt Security’s Salt Labs State of API Security Report, Q1 2022.



from Cyber Security News https://ift.tt/Zr2WgfM

$5.9 billion lost due to fraud in 2021

Identity theft and imposter scams were some of the top fraud techniques employed by scammers to defraud users out of $5.9 billion in 2021, according to data from the Federal Trade Commission (FTC).



from Cyber Security News https://ift.tt/yshJoIZ

Wiperware (pseudo ransomware) used in Ukraine cyberattacks

As tensions flare between Russia and Ukraine, the term wiperware or pseudo ransomware may pop up. Let’s break down what this means. 



from Cyber Security News https://ift.tt/VOhSnYo

Tuesday, 1 March 2022

Colonial Pipeline names Adam Tice Chief Information Security Officer

Colonial Pipeline named Adam Tice as its first ever Chief Information Security Officer. Tice will oversee and be responsible for Colonial Pipeline's information and data security program.



from Cyber Security News https://ift.tt/FV4WTZj

Toyota halts production after cyberattack on supplier

Toyota plastic parts supplier Kojima Industries (Kojima) has suffered a cyberattack that forced Toyota Motors to suspend the operation of 28 production lines across 14 plants in Japan for a day.



from Cyber Security News https://ift.tt/NCZPnw8