Department of Justice investigates data breach of court records system

The U.S. Department of Justice is investigating a data breach that involves the federal court records management system. 

from Cyber Security News https://ift.tt/H8Yk3zp

Tomer Gershoni named Chief Security Officer at ZoomInfo

Long-time cybersecurity expert Tomer Gershoni will lead ZoomInfo's security team, overseeing physical and digital security and privacy efforts as its Chief Security Officer (CSO).

from Cyber Security News https://ift.tt/SuofHn6

5 steps CISOs can take to increase supply chain visibility

Here are a few ways chief information security officers (CISOs) can safeguard visibility while mitigating cybersecurity risks in the supply chains for physical goods.

from Cyber Security News https://ift.tt/gvCrXEJ

Darrin Reynolds named CISO at Edgio

Darrin Reynolds has been named the new Chief Information Security Officer (CISO) at Edgio.

from Cyber Security News https://ift.tt/ceWHoqG

Strategies for third-party risk management in healthcare

The Third-Party Vendor Risk Management in Healthcare report from the Cloud Security Alliance (CSA) provides an overview of the third-party vendor security risks healthcare organizations face.

from Cyber Security News https://ift.tt/ULPiO2T

Carl Froggett joins Deep Instinct as Chief Information Officer

As Chief Information Officer at Deep Instinct, Carl Froggett will play a key role in enhancing the company's enterprise security and cybersecurity posture.

from Cyber Security News https://ift.tt/DiXLz2A

Dreading security risk assessments? 6 ways to make them better

The risk assessment process shouldn't be dreaded. Get ready to breathe easier with six steps to move toward a smoother risk assessment process and much tighter security. 

from Cyber Security News https://ift.tt/JWYUH0K

5 minutes with Brent Johnson — How data breaches will evolve in 2022

How can companies update their cybersecurity strategy in 2022 to prevent data compromise and stay away from a data breach? 

from Cyber Security News https://ift.tt/7JoDAj5

Rob Thompson named CIO at Wayne State University

Rob Thompson has been named as Wayne State University’s Chief Information Officer (CIO) and Associate Vice President for Computing and Information Technology (C&IT).

from Cyber Security News https://ift.tt/uGikDI5

Top 5 emerging enterprise risks in Q2 2022

The Q2 2022 Emerging Risks Report from Gartner surveyed 306 business and risk management executives to determine the latest risk trends affecting enterprises today, such as supply chain security, inflation and loss prevention.

from Cyber Security News https://ift.tt/dcRUgft

The drawbacks of facial recognition technology

In the latest The Security Podcasts episode, Tom Thimot, CEO of authID.ai, offers a unique perspective on the concerns raised around ID.me’s technology, where they went wrong with the IRS, and the drawbacks of facial recognition technology. 

from Cyber Security News https://ift.tt/DB4P51e

LinkedIn remains most-impersonated brand by phishing campaigns

The Q2 2022 Brand Phishing Report from Check Point Research (CPR) found that LinkedIn is the most-impersonated brand when it comes to phishing campaigns.

from Cyber Security News https://ift.tt/VELOMdR

NIST updates HIPAA cybersecurity guidance

For improved healthcare cybersecurity, NIST has released an updated draft of the HIPAA security rule guidance. 

from Cyber Security News https://ift.tt/oIscxNH

TSA updates cybersecurity requirements for pipeline owners and operators

The new TSA security directive takes a performance-based approach to enhancing cybersecurity for pipeline owners and operators. 

from Cyber Security News https://ift.tt/CadVF3Q

Digital risk management and compliance as a code

While businesses have taken risk management into the digital age, morphing governance, risk and compliance into digital risk management (DRM), many organizations missed one vital component of DRM — namely, compliance as a code. 

from Cyber Security News https://ift.tt/L8vu1Tr

Does cybersecurity's 'blame culture' affect incident reporting?

A report from Gigamon explores the culture of blame in cybersecurity and its effect on incident reporting.

from Cyber Security News https://ift.tt/AtlPWqp

T-Mobile to pay $350m settlement for data breach

T-Mobile has agreed to pay $350 million to customers affected by a data breach, in an effort to settle a class action lawsuit. 

from Cyber Security News https://ift.tt/OvKYW2S

Identity security is a priority for IT security teams, but not understood by the C-suite

Despite good intentions, over 60% of companies have a long way to go to protect privileged identities and access, according to a Delinea report of IT security decision makers.

from Cyber Security News https://ift.tt/ONG2onf

Cybercriminals are using messaging apps to deliver malware

Cybercriminals have started to use messaging apps like Discord and Telegram to spread malware, according to Intel 471 security research. 

from Cyber Security News https://ift.tt/pXcwz1Y

What you don’t know about compliance can hurt you

When it comes to compliance and data privacy, ignorance is not bliss. Today’s businesses must be aware of the regulations that govern them or risk incurring significant, potentially crippling penalties.  

from Cyber Security News https://ift.tt/2OePCzl

60% of cybersecurity leaders not confident in their cloud security tactics

The Global Study on Zero Trust Security for the Cloud from Appgate and conducted by the Ponemon Institute surveyed security professionals to examine cloud security and zero trust practices.

from Cyber Security News https://ift.tt/nRvHBVM

Malicious attacks are #1 cause of healthcare data breaches

The 2022 Mid-Year Horizon Report: The State of Cybersecurity in Healthcare from Fortified Health Security illustrates how healthcare providers, health plans and business associates need to bolster their security posture.

from Cyber Security News https://ift.tt/oDlIb7A

Cybercriminal dark web enterprises grow

"The Evolution of Cybercrime: Why the Dark Web is Supercharging the Threat Landscape and How to Fight Back" report from HP Wolf Security dives into the inner workings of the dark web.

from Cyber Security News https://ift.tt/rEQYhpn

Kelli Burns named SVP, CISO at Accolade

As Senior Vice President, Chief Information Security Officer at Accolade, Kelli Burns will lead the information security business unit and support the overall compliance and risk management function.

from Cyber Security News https://ift.tt/hZrUpD7

Proactive auditing — a key component to an offensive cybersecurity approach

As the number of cyberattacks rise, organizations must reconsider their approach to cybersecurity to be more proactive rather than reactive, which is why the adoption of proactive auditing, among a wider offensive cybersecurity approach, is so essential.

from Cyber Security News https://ift.tt/324qeBx

Minorities in Cybersecurity conference registration is open

The Minorities in Cybersecurity (MiC) Annual Conference will take place from March 28 to 30, 2023 at NYLO Las Colinas in Dallas, Texas.

from Cyber Security News https://ift.tt/XUAWayz

North Korean state-sponsored ransomware thwarted

Two ransom payments made by U.S. healthcare providers were recovered by law enforcement and returned to victims, the Justice Department announced.

from Cyber Security News https://ift.tt/3KFhwcl

Hackers are using phishing emails from PayPal

Cyberattackers are now sending phishing emails from PayPal using social engineering, Avanan research reveals.

from Cyber Security News https://ift.tt/Z9pvirA

DHS purchases of cell phone location data raise privacy concerns

Files released to the ACLU by U.S. Customs and Border Protection (CBP) reveal widespread purchases of cell phone location data by the Department of Homeland Security (DHS).

from Cyber Security News https://ift.tt/02CXbi4

Ethiopian government introduces digital biometric IDs

The Ethiopian government is implementing a national identification program using biometrics to create digital IDs for its citizens.

from Cyber Security News https://ift.tt/HBQJtLk

Mikhail Lopushanski joins Heritage Bank as CISO

Mikhail Lopushanski, a risk management and IT auditing specialist, has joined Heritage Bank as the new Chief Information Security Officer (CISO).

from Cyber Security News https://ift.tt/GPIBWMt

Digital twins & deepfakes: The two sides of this technological coin

Deepfakes, digital twins and artificial intelligence — what are the negative and positive effects of these technologies? Are they good for society or bad? 

from Cyber Security News https://ift.tt/nUpk0dT

92% of enterprises experienced an email security incident last year

The 2022 Email Security Trends Report from Abnormal Security found that 72% of enterprises have experienced over five security incidents due to email threats in the past year.

from Cyber Security News https://ift.tt/FXmGMTN

New cyber apprenticeship initiative to develop & train cybersecurity workforce

The Cybersecurity Apprenticeship Sprint will promote the Registered Apprenticeship model as a solution for numerous industries to develop and train a skilled cyber workforce.

from Cyber Security News https://ift.tt/T9oWp6a

CISA opens first international office

The Cybersecurity and Infrastructure Security Agency (CISA) will open its first Attaché Office in London, England.

from Cyber Security News https://ift.tt/gF4jAB0

Over 50% of enterprises worry about supply chain risks

A new Coalfire report highlights the gravity of software supply chain risk and provides best practices for software buyers and sellers to effectively mitigate threats.

from Cyber Security News https://ift.tt/hOxUV2Z

3 areas of focus for cybersecurity professionals in 2022

In the face of this complex landscape, there are three main areas where risk managers in financial services should focus to continue to evolve their preparedness and response to cybersecurity threats. 

from Cyber Security News https://ift.tt/cDEahN9

The true meaning of zero trust

With all the use and, frankly, misuse, the true meaning of zero trust has become blurred and confused. Here's what organizations must actually do to implement a zero trust charter.

from Cyber Security News https://ift.tt/l9smWQq

Kirk McClain named Chief Security Officer at Accenture Federal Services

As Chief Security Officer, Kirk McClain will lead the AFS Security & Intelligence Directorate, overseeing corporate risk and compliance with security policies and requirements.    

from Cyber Security News https://ift.tt/uHz31fA

(ISC)2 to offer 1 million free entry-level cybersecurity certification exams

 (ISC)² will put one million people through its foundational Certified in Cybersecurity entry-level certification exam and education program for free as part of its One Million Certified in Cybersecurity program.

from Cyber Security News https://ift.tt/wEg3JKA

Can your organization see an insider threat coming?

Insider threats are particularly insidious because the risk is mostly unseen. But is it possible to know from their behaviors if someone is about to go rogue?

from Cyber Security News https://ift.tt/CwiAPTG

3 reasons why cybersecurity must be people-centric

The time has come for cybersecurity strategy to evolve from being technology-centric to people-centric. Here are five key steps to achieve this strategy.

from Cyber Security News https://ift.tt/UBjbcPA

Electric company uses SAP monitoring to bolster cybersecurity

International electric and manufacturing firm Schneider Electric uses a Systems Applications and Products (SAP) security platform from SecurityBridge to bolster SAP visibility. Learn more in this case study.

from Cyber Security News https://ift.tt/SL1ayrW

4 best practices to improve healthcare cybersecurity

Hospitals and health systems can implement four cybersecurity best practices to adopt a security-first mindset and  enhance resiliency and security posture, according to a Fortified Health Security report.

from Cyber Security News https://ift.tt/85OFjbx

The threat within: We need to talk about mental health in cybersecurity

As cybersecurity leaders evaluate the risks that their organizations face, they must account for the risk that stress and anxiety on workers presents in an industry that never sleeps. 

from Cyber Security News https://ift.tt/gV2cJkK

Dustin Glover named Louisiana Chief Cyber Officer

Cybersecurity leader Dustin Glover has been named Lousiana's first Chief Cyber Officer (CCO).

from Cyber Security News https://ift.tt/egbFZqt

Bolstering crisis response practices during geopolitical cyber threats

Several steps to bolster security and crisis response preparedness in the days, weeks and months to come. 

from Cyber Security News https://ift.tt/meyjfCL

Log4j incident response within the community shows collaboration & dedication to security

The Cyber Safety Review Board considers Log4j as an "endemic vulnerability," and provides actionable recommendations for organizations to strengthen cyber resilience and advance the public-private partnership for collective security.

from Cyber Security News https://ift.tt/LrYipld

Quantum computing cybersecurity bill to help strengthen data protection & national security

The House of Representatives has passed the Quantum Computing Cybersecurity Preparedness Act, which would help ensure data protection and strengthen national security. 

from Cyber Security News https://ift.tt/cTaLYXv

Revisions released around internationally recognized information security standards

What are four key changes between ISO 27002:2013 and ISO 27002:2022? Find out here to ensure your organization can continue to meet top information security standards.

from Cyber Security News https://ift.tt/snLJaYy

How a more unified approach to data protection will help in the fight against ransomware

With so many potential vulnerabilities and evolving attack vectors, beating ransomware requires a multi-faceted ransomware prevention strategy, including cybersecurity technologies, data protection and orchestrated recovery, and security processes.
 

from Cyber Security News https://ift.tt/ebC6s9u

Protecting against Windows privilege escalation tactics and techniques

Let's explore common privilege escalation attack techniques and tactics used by attackers and how organizations can implement six security strategies to protect against these cyberattacks.

from Cyber Security News https://ift.tt/C2m0VWu

CISOs rank their top security priorities through 2025

Security leaders prioritize threats to their financial departments, user databases and marketing over third-party risk, according to the TCS Risk & Cybersecurity Study.

from Cyber Security News https://ift.tt/UE1qSlG

Enterprises lack visibility into mobile app security

The State of Mobile App Security in 2022 report from Approov and conducted by Osterman Research identified concerning levels of enterprise confidence in their cybersecurity for mobile applications.

from Cyber Security News https://ift.tt/DloLN0J

Why secure deployment operations management is critical for 5G

You can’t overstate the importance of the current 5G rollout to the wireless industry. Nor can you exaggerate the seriousness of that rollout’s security risks without the right tools in place.

from Cyber Security News https://ift.tt/dACPJEs

Material cybersecurity breaches increased 25% in 2021

A study from Skybox Security and conducted by ThoughtLab surveyed executives and analyzed the cybersecurity investments, practices and performance of 1,200 organizations.

from Cyber Security News https://ift.tt/DOJQEqH

How to avoid common cybersecurity vulnerabilities

In a new podcast episode, Erez Yalon, Vice President of Security Research at Checkmarx, talks how security leaders can avoid common cybersecurity mistakes in their organizations.

from Cyber Security News https://ift.tt/8KNWjcG

CISOs at SMBs face unique cybersecurity challenges

Cynet CISO survey reveals lack of staff, skills and resources are driving smaller teams to outsource security with advanced tools, technologies and services.

from Cyber Security News https://ift.tt/oCFakQA

Solving the identity crisis in cybersecurity

CrowdStrike Chief Technology Officer Michael Sentonas explains why identity security must be an urgent priority for business leaders, as well as how zero trust helps contain adversaries in attacks involving identity, from initial escalation and lateral movement through persistence on the network.

from Cyber Security News https://ift.tt/jIWo42X

Michael Aiello named Chief Technology Officer at Secureworks

Michael Aiello has been named Chief Technology Officer (CTO) at Secureworks, a cybersecurity company.

from Cyber Security News https://ift.tt/CXaJT0g

IIoT, OT cybersecurity challenges: Investments and breaches

Barracuda research finds organizations are struggling to protect operational technology and getting breached as a result.

from Cyber Security News https://ift.tt/QSpseJL

Dept of Energy releases C2M2 version 2.1 for energy cybersecurity

The U.S. Department of Energy (DOE) Office of Cybersecurity, Energy Security and Emergency Response (CESER) has released version 2.1 of the Cybersecurity Capability Maturity Model (C2M2).

from Cyber Security News https://ift.tt/0QKOPcm

Digital forensics technology can help support cyber investigations, incident response

For corporations who can’t fill the vital cybersecurity and forensic positions, the highest cost lies in timeliness: they can’t afford delays in responding to incidents or breaches. Digital forensic tools with automation capabilities may be the answer.

from Cyber Security News https://ift.tt/m2a8gbZ

Big data and smart cities: How to battle the pandemic while preserving privacy

Smart city technologies and urban big data produce data privacy concerns. For any data-driven smart city project to be successful, it must communicate its value and data safety to its primary stakeholders — the citizens. 

from Cyber Security News https://ift.tt/cs26eih

NIST reveals 4 quantum-resistant cryptographic algorithms to prevent future attacks

Four selected encryption algorithms will become part of NIST’s post-quantum cryptographic standard, expected to be finalized in about two years.

from Cyber Security News https://ift.tt/V1nIEsi

Anne Marie Zettlemoyer named CSO at CyCognito

Anne Marie Zettlemoyer has been named Chief Security Officer at CyCognito.

from Cyber Security News https://ift.tt/mkC1e7Y

Ian Wallace named Senior Advisor for Strategy at CISA

Ian Wallace has been named Senior Advisor for Strategy at the Cybersecurity and Infrastructure Security Agency (CISA)'s Office of Strategy, Policy & Plans.

from Cyber Security News https://ift.tt/v391QFz

Marriott suffers data breach due to social engineering attack

Marriott International, one of the largest hotel chains in the world, has suffered another data breach. 

from Cyber Security News https://ift.tt/jeDkpwc

Maui ransomware targets healthcare, public health sector and critical infrastructure

North Korean state-sponsored cyber threat actors have used Maui ransomware to target both the healthcare and public health sectors, according to U.S. cybersecurity alerts.

from Cyber Security News https://ift.tt/REOZQDS

Challenges in smart factory and manufacturing cybersecurity

Manufacturing security leaders are faced with cybersecurity challenges such as a lack of C-suite buy-in, limited budget and vulnerabilities, according to a Capgemini report.

from Cyber Security News https://ift.tt/ix2yOJS

Marielle Nigg-Droog named CISO at BreachLock

Cybersecurity executive Marielle Nigg-Droog has been named the new Chief Information Security Officer (CISO) at BreachLock.

from Cyber Security News https://ift.tt/ziPKp3F

Managing risk in today’s volatile economy

When dealing with security threats, financial fraud and risk, and a myriad of other business challenges, organizations should align on a cybersecurity strategy that includes risk assessments.

from Cyber Security News https://ift.tt/FHR0KNE

QR code phishing scams target users and enterprise organizations

QR codes have become ubiquitous, but cybercriminals are using them to target phishing victims.

from Cyber Security News https://ift.tt/yaLCQm9

Google patches zero-day vulnerability for millions of users

Google has released Chrome 103.0.5060.114 for Windows users to address a high-severity zero-day vulnerability exploited by attackers in the wild. The security vulnerability affected millions of Google Chrome users.

from Cyber Security News https://ift.tt/sY9Cbck

Why passwords are on the way out, and why we need them anyways

Unfortunately, a passwordless future isn’t here yet — but in the meantime, organizations still need ways to protect their systems and employees from compromise.

from Cyber Security News https://ift.tt/Zwaftcp

Solving the key CX issues for Gen Z consumers

Fixing the Gen Z fraud and false declines problem requires understanding how this generation shops online and what’s causing the issues they face.

from Cyber Security News https://ift.tt/ziQBFhf

Cybersecurity teams and employees disagree on shadow IT use

A study of enterprise professionals at large organizations found that more than half of employees use shadow IT applications at work.

from Cyber Security News https://ift.tt/SHjKqXR

Michael Lillie named Chief Information Officer at OneSpan

Seasoned chief information officer Michael Lillie brings extensive information technology, information security and business strategy experience to his new role at OneSpan. 

from Cyber Security News https://ift.tt/Q95ufot

DoD launches “Hack U.S" bug bounty opportunity

The U.S. Department of Defense (DoD) has launched its first-ever “Hack U.S.” bug bounty program.

from Cyber Security News https://ift.tt/mSsivZn

Automotive industry races against cybersecurity threats

Electric vehicles have become one of the most complex digital devices in the world. Hackers are targeting EVs and their chargers with cyberattacks.

from Cyber Security News https://ift.tt/UC7ZiNY

5 steps to ward off zero-day exploits

Organizations must take a proactive and comprehensive security approach to warding off zero-day exploits. That strategy should include five parts.

from Cyber Security News https://ift.tt/0qRZPyc

Tips to bolster cybersecurity, incident response this 4th of July weekend

Cyber threat actors don't take holidays off. This Fourth of July weekend, take steps to ensure the right people, processes and tools are in place to reduce the risk of cyberattacks, or respond to a ransomware attack. 

from Cyber Security News https://ift.tt/ibWEF91

Jon Raper named CISO at Costco

Cybersecurity leader Jon Raper has been named the new Chief Information Security Officer (CISO) at Costco Wholesale.

from Cyber Security News https://ift.tt/wB9SAgZ

3 security lessons we haven’t learned from the Kaseya breach

The massive Kaseya security breach that impacted thousands forced the industry to re-evaluate their software supply chain security practices. Here we break down the cybersecurity lessons that still need to be learned. 

from Cyber Security News https://ift.tt/ZybI81D

2022 RSAC takeaways: Risk management vs compliance

Compliance is vital. But when it justifies the status quo, a compliance-only approach to cybersecurity can be counterproductive. However, the adoption of a risk management approach can be the most useful to enterprise cybersecurity teams.

from Cyber Security News https://ift.tt/yczCZRf