Cybersecurity ranked most serious enterprise risk in 2022

A survey of more than 700 U.S. executives by PricewaterhouseCoopers (PwC) identified top enterprise security and business risks observed in 2022.

from Cybersecurity News https://ift.tt/WSBVxiY

What do the Trickbot leaks reveal about Russian cybercrime?

Listen to the latest Cybersecurity & Geopolitical Podcast episode with Ian Thornton-Trump, Philip Ingram, MBE, and Joe Wrieden on the Trickbot leaks.

from Cybersecurity News https://ift.tt/iImAdMa

Registration open for CISA virtual summit on K-12 school safety

K-12 safety leaders and other school stakeholders can register for the Cybersecurity and Infrastructure Security Agency (CISA)'s 2022 National Summit on K-12 School Safety and Security.

from Cybersecurity News https://ift.tt/q9Ry5kn

SIA announces Women in Security Forum scholarship recipients

Seven women from across the security field have received scholarships from the 2022 SIA Women in Security Forum to further educational opportunities and promote career advancement.

from Cybersecurity News https://ift.tt/XPs9Ofo

Public cloud data security blind spots

Many organizations lack visibility into unauthorized public cloud data access, according to a new Laminar survey.

from Cybersecurity News https://ift.tt/BKqzYlg

What cybersecurity measures do CISOs outsource?

Cybersecurity leaders can outsource security to increase their cyberattack readiness. U.S. chief information security officers (CISOs) share their priorities and what they delegate.

from Cybersecurity News https://ift.tt/jHyfGUF

5 minutes with David Mahdi — Establishing digital trust with identity-first security

Security magazine sits downs with David Mahdi, Chief Strategy Officer and Chief Information Security Officer (CISO) Advisor at Sectigo, to discuss why enterprise security leaders must establish digital trust.

from Cybersecurity News https://ift.tt/UNwQAn1

4 CISO strategies for banks combatting business email compromise

Chip Gibbons, Chief Information Security Officer (CISO) at Thrive Network, shares tips for bank security leaders combatting phishing and business email compromise.

from Cyber Security News https://ift.tt/whf5DQE

342m medical records breached since 2009

Medical organizations in the United States have suffered nearly 5,000 data breaches that account for 342 million medical records, according to Comparitech research. 

from Cyber Security News https://ift.tt/GhlkyXs

Convergence is the answer for a defense-in-depth approach

Instead of having 40+ different security products, organizations need to rethink their security approach. Converging cybersecurity tools may be the answer.

from Cyber Security News https://ift.tt/epSgCNP

Elizabeth Wharton named Cybersecurity or Privacy Woman Law Professional for 2022

Elizabeth Wharton, Vice President of Operations at SCYTHE, was honored with the Cybersecurity or Privacy Woman Law Professional of the Year for 2022 by the United Cybersecurity Alliance. 

from Cyber Security News https://ift.tt/LgYushq

Twilio cyberattackers hit over 130 companies using the same phishing campaign

The threat actors responsible for several recent cyberattacks, including Twilio, MailChimp and Klaviyo, compromised more than 130 companies, using the same phishing campaign. 

from Cyber Security News https://ift.tt/EQdaH7r

Increasing cybersecurity awareness in critical infrastructure

Critical infrastructure remains a target for cyberattacks. Security awareness training is critical to preventing business disruptions in the sector.

from Cyber Security News https://ift.tt/MARwhsb

The business effects of nation-state cyberattacks

Machine identities have been used in recent nation-state cyberattacks, according to a study of enterprise security leaders from Venafi.

from Cyber Security News https://ift.tt/bQm5ZJv

Twitter lacks cybersecurity & data privacy best practices, says ex-security chief

Peiter “Mudge” Zatko, former head of security at Twitter, has accused Twitter of “extreme, egregious deficiencies” in its spam and hacker-fighting practices.

from Cyber Security News https://ift.tt/6BU0JEG

4 key areas cybersecurity leaders should focus on

What are four critical areas every cybersecurity leader should invest in to help set up their information security team up for success? 

from Cyber Security News https://ift.tt/VDZ1xW5

(ISC)²: Cyber professionals want remote work

The most satisfied cybersecurity professionals are those who choose where to work, according to a new (ISC)² member poll.

from Cyber Security News https://ift.tt/pNFQdG8

California ADCA bill aims to increase children’s data privacy

The California Age-Appropriate Design Code Act (ADCA) is under consideration in the state. The bill would increase data privacy regulations for users under 18.

from Cyber Security News https://ift.tt/EN6l9Uc

Geopolitics & cybersecurity are intrinsically linked. Cyber strategies must shift

Due to the geopolitical landscape, organizations must adopt cybersecurity risk management supported by a risk-aware culture and security technologies.

from Cyber Security News https://ift.tt/Ftirw0Q

Best practices for cryptocurrency fraud investigations

Matt Price, Head of Intelligence and Investigations, Americas at Binance talks using digital forensics to investigate cryptocurrency fraud and financial crimes in this podcast episode.

from Cyber Security News https://ift.tt/nS7BHLq

Matt Mullenix named Bowman's EVP, Chief Information Officer, Chief Information Security Officer

As Bowman’s CIO and CISO, Matt Mullenix will oversees the people, processes and technologies within the company’s IT/cybersecurity organization.

from Cyber Security News https://ift.tt/hAJtHnd

3 steps to securing healthcare networks

Healthcare cybersecurity teams can improve their network security with a three-point plan focused on prevention, detection and vigilance.

from Cyber Security News https://ift.tt/GVeDyaA

A national data privacy law might arrive sooner than expected

For those of us waiting for a national data privacy law, there’s good news. The American Data Privacy and Protection Act (ADPPA) has already made it further than any other federal privacy law and faster than many expected.

from Cyber Security News https://ift.tt/b1NAOC2

67% of organizations had identity-related data breaches last year

The “Identity Data Management: Roadblock or Business Enabler” report by Gartner Peer Insights and Radiant Logic found that two-thirds of organizations have experienced identity-related data breaches.

from Cyber Security News https://ift.tt/mISBbW0

Apple warns of cybersecurity vulnerabilities affecting millions of devices

Apple has disclosed security vulnerabilities affecting iPhones, Macs and iPads and released cybersecurity software updates for affected devices.

from Cyber Security News https://ift.tt/qk6cj3C

Energy department makes $45m investment in cybersecurity

The U.S. Department of Energy will allocate $45 million to protect the electric grid from cyberattacks.

from Cyber Security News https://ift.tt/HLUsIfp

Cloud attacks on the supply chain are a huge concern

Organizations are concerned about third-party security breaches, with 48% concerned about potential data loss as a result of such risks, according to Proofpoint.

from Cyber Security News https://ift.tt/ygs3bPO

Meta releases election security plan ahead of 2022 midterms

After concerns about misinformation spread via social media affecting the 2020 presidential election, Meta details their policies for voting information ahead of the 2022 U.S. midterm elections.

from Cyber Security News https://ift.tt/KZfdB8a

Key questions to ask when building a cloud security strategy

Data privacy and security, and a lack of in-house cybersecurity expertise, and controlling costs — what are some of the top cloud obstacles? 

from Cyber Security News https://ift.tt/nM7A2hF

Getting ahead of certificate-related outages with automation and visibility

The State of Machine Identity Management report from Keyfactor examined the role of public key infrastructure (PKI) and machine identities in securing modern enterprises.

from Cyber Security News https://ift.tt/I1nCNcK

1044% increase in social media account hijacking

In 2021, the ITRC received the highest number of contacts in its history about identity crimes and requests for assistance to prevent identity misuse.

from Cyber Security News https://ift.tt/Emjv7aQ

Two-thirds of US businesses are targeted by security threats weekly

The “2022 Mid-Year Outlook State of Protective Intelligence Report” by the Ontic Center for Protective Intelligence surveyed risk management & security professionals to determine enterprise threat levels.

from Cyber Security News https://ift.tt/kia6RBs

Survey to explore gender diversity in Australian cybersecurity industry

A survey seeks to determine the gender diversity of the Australian cybersecurity sector and identify how to close the cyber skills gap.

from Cyber Security News https://ift.tt/IHDjMz6

MSP burnout and cybersecurity — fight fire with fire

As much as cybersecurity is emblematic of  Managed Service Providers (MSP) burnout, it can also provide relief. Here are a few ways to fight fire with fire.

from Cyber Security News https://www.securitymagazine.com/articles/98184-msp-burnout-and-cybersecurity-fight-fire-with-fire

5 phases of zero trust in cloud adoption

Organizations looking to expand their cloud adoption can incorporate zero trust principles to manage identity and access across their network.

from Cyber Security News https://ift.tt/r5Xowz0

Key traits of security leaders in cyber resilience

Learn about four levels of cybersecurity resilience.

from Cyber Security News https://ift.tt/rOEUVQ4

Rising to the challenge of modern data security and growing privacy regulations

A master data management approach can help organizations prepare today for tomorrow's data privacy, compliance and regulatory challenges.

from Cyber Security News https://ift.tt/3eFJdms

USB cyberattacks pose a threat to manufacturing & industrial sector

The 2022 Honeywell Industrial Cybersecurity USB Threat Report found elevated threat levels regarding USB-borne cyberattacks on the industrial sector.

from Cyber Security News https://ift.tt/JwQcELx

6 areas to watch in the Software Bill of Materials evolution

Software Bill of Materials (SBOM) are a critical tool in protecting enterprise and government organizations from software supply chain security threats.

from Cyber Security News https://ift.tt/As5Popt

SOVA, Android Banking Trojan, returns

Researchers at Cleafy discovered a version of SOVA that appears to be targeting more than 200 mobile applications, including banking apps and crypto exchanges/wallets.

from Cyber Security News https://ift.tt/Auoz3rQ

Does cyber insurance cover ransomware payment demands?

The BlackBerry Cyber Insurance Coverage study surveyed 450 information technology (IT) and cybersecurity decision-makers about their cyber insurance coverage and ransomware protection levels.

from Cyber Security News https://ift.tt/ymOcFGV

For stronger cybersecurity in the remote work era, just say ‘SASE’

Is your organization a good candidate for Secure Access Service Edge (SASE)? Here are six indicators that suggest it could be.

from Cyber Security News https://ift.tt/g4RDcx3

Cybersecurity lessons from the red team: How to prevent a data breach

Default security configurations, weak passwords and human error are the top vectors for cyberattackers targeting enterprise networks. Penetration testers share how to avoid these cyber risks.

from Cyber Security News https://ift.tt/rG7KS3j

Data security, surveillance practices to be examined by FTC

The Federal Trade Commission will be exploring rules to crack down on lax data security and harmful commercial surveillance. 

from Cyber Security News https://ift.tt/9VgwuUv

How to protect cybersecurity budgets

For chief information security officers (CISOs) and their organizations, the question is not if the cybersecurity budget should be cut. It's how much risk they are willing to take.

from Cyber Security News https://ift.tt/G6et7yZ

Why it pays to be an early adopter of cybersecurity technology

Chief information security officers (CISOs) must be early adopters and explore emerging cyber technology if they hope to keep ahead of cybercriminals.

from Cyber Security News https://ift.tt/rkmZClh

Avoid these employee monitoring blunders

Employee monitoring needs to be approached correctly. Too often, poorly constructed plans, bad communication and unreasonable expectations get in the way of a successful implementation. 

from Cyber Security News https://ift.tt/XvBEN9b

Free toolkit of cybersecurity resources for election security

The Cybersecurity and Infrastructure Security Agency (CISA) released a catalog of free services and tools available for state and local election officials to improve the cybersecurity and resilience of their infrastructure.

from Cyber Security News https://ift.tt/i2KMw7g

The top identity-based attacks and how to stop them: Part 2

Let's explore two top identity-based attacks — phishing and third-party accounts — and ways organizations can implement cybersecurity best practices to defend against these.

from Cyber Security News https://ift.tt/yoCjtDS

Email cyberattacks increased 48% in first half of 2022

Email security threats are increasing, according to the H2 2022 Email Threat Report from Abnormal Security.

from Cyber Security News https://ift.tt/igMf1Rm

Austin Siders named CIO at the University of Southern Indiana

Austin Siders has been named Chief Information Officer (CIO) at the University of Southern Indiana, where he will lead tech and cybersecurity efforts.

from Cyber Security News https://ift.tt/zUP6Eo8

Christine Whichard promoted to CISO at SmartBear

Christine Whichard, new Chief Information Security Officer (CISO) at SmartBear, has been an instrumental leader in the company’s cybersecurity plans, including an overhaul of its Information Security program.

from Cyber Security News https://ift.tt/8Y9mIzG

AMA: Cybersecurity Leadership Edition — Meg West

Security sits down with Meg West, X-Force Cybersecurity Incident Response Consultant at IBM, to answer reader questions about enterprise cybersecurity insights, burnout and more in a new podcast episode.

from Cyber Security News https://ift.tt/eWzZ810

9 security threats in the metaverse

Let's examine nine different categories of threats against the metaverse and inside the metaverse, including cyber-physical crime, financial fraud, legal implications and more, according to Trend Micro.

from Cyber Security News https://ift.tt/o5ZI9Bj

The next evolution of cyber defense: Ransomware-proof object storage

To meet the security issues of today, organizations must now shift to object-based backup storage. 

from Cyber Security News https://ift.tt/IcUFkP5

Trust, transparency and reliability are keys to Web3 success

Web3 is coming — what will that mean for enterprise security? This blockchain-based version of the internet may present new cybersecurity challenges.

from Cyber Security News https://ift.tt/CFa2XSG

Hashed passwords exposed in Slack vulnerability

Office communication platform Slack has admitted to accidentally exposing the hashed passwords of some users. 

from Cyber Security News https://ift.tt/8zKAxVQ

Preventing email phishing attacks this summer with 3 defensive measures

3.4 billion phishing attacks are raining on us every day. With summer now upon us, it seems that everyone is on vacation. Here are three tips to get your business ready for phishing season.

from Cyber Security News https://ift.tt/UWsyeCp

Justin DePalmo named VP, CISO at GDIT

Cybersecurity executive Justin DePalmo has been named Vice President, Chief Information Security Officer (CISO) at General Dynamics Information Technology (GDIT).

from Cyber Security News https://ift.tt/BOpjy6h

Bot attacks target pharmaceutical industry to steal prescriptions

Cyber actors have used credential stuffing bot attacks to obtain and then resell pharmacy account details, giving unauthorized individuals access to prescription drugs.

from Cyber Security News https://ift.tt/oYIUaL5

Deepfakes, cyber extortion, API attacks and other emerging cyber threats

Amid pandemic disruptions, burnout and geopolitically motivated cyberattacks, what are the challenges faced by security teams? VMware's Global Incident Response Threat Report shines a light on emerging cyber threats.

from Cyber Security News https://ift.tt/buBAYqC

How employee upskilling can ease the cyber talent shortage

While the cyber industry has traditionally focused on recruitment, focusing on upskilling workers can help remedy the cybersecurity talent shortage.

from Cyber Security News https://ift.tt/blwvSLJ

The top identity-based attacks and how to stop them

What are the most prominent identity-based attacks and how are they carried out? And how can security teams leverage identity technologies to mitigate those attacks and reduce their organizational risk?

from Cyber Security News https://ift.tt/Nxef3mP

Top malware strains observed in 2021

The Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) have released an advisory on top malware strains in 2021.

from Cyber Security News https://ift.tt/JMAvkb6

$9 million research grant targets software supply chain security

North Carolina State University and three partners will research strategies for software supply chain security and building a diverse cyber workforce.

from Cyber Security News https://ift.tt/1aRpiz9

Annette Southgate named Director of Security at Cranfield University

Annette Southgate has been named Director of Security at Cranfield University, a U.K.-based technology, defense and security institution.

from Cyber Security News https://ift.tt/pw6Eyc5

The rise of phygital attacks on critical infrastructure — and how to stop them

The “phygital” attack, which bridges “physical” and “digital,” are a serious threat to critical infrastructure. What can chief security officers (CSOs), chief information security officers (CISOs), and other security personnel do to protect companies against them?

from Cyber Security News https://ift.tt/kq6o5gl

Top 3 web attack vectors in the gaming industry

A new Akamai report reveals that cyberattacks on player accounts and gaming companies increased dramatically in the past year, with web application attacks doubling. 

from Cyber Security News https://ift.tt/re9YMqt

New Kaspersky security vulnerability identified

The Synopsys Cybersecurity Research Center (CyRC) team has identified a local privilege escalation vulnerability in Kaspersky VPN Secure Connection for Microsoft Windows.

from Cyber Security News https://ift.tt/leGq4YL

One-third of organizations experience weekly ransomware attacks

One-third of organizations experience at least one ransomware attack per week, with 9% of enterprises experiencing one daily, according to a report from Menlo Security.

from Cyber Security News https://ift.tt/k3WuDgO

4 key cybersecurity threat trends in 2023

What are some cybersecurity threat trends that will likely dominate the landscape in 2023 and beyond? A new Intel 471 report reveals threats organizations need to prepare for.

from Cyber Security News https://ift.tt/fnEZ7XH

Biometrics as a foundation of zero trust: How do we get there?

How can your organization implement a zero trust security model while safeguarding biometric data?

from Cyber Security News https://ift.tt/EUjskVW

Top 10 universities in US, UK & Australia failing on DMARC

The top universities in the United States, the United Kingdom and Australia are lagging on basic cybersecurity measures, according to new Proofpoint research.

from Cyber Security News https://ift.tt/t7X129v

NSF-funded research aims to improve equity in cybersecurity design

Researchers at the University of Florida and other collaborators are working to understand how inequity in tech and cybersecurity design affects marginalized populations.

from Cyber Security News https://ift.tt/90IJiVE

3207 apps are leaking Twitter API keys

Cybersecurity researchers at CloudSEK have uncovered a set of 3,207 mobile apps exposing Twitter API keys to the public.

from Cyber Security News https://ift.tt/9IYuhtG

The top 5 voice network vulnerabilities

Learn about the five main types of voice scams that can lead to data breaches, security vulnerabilities and loss of productivity for enterprise security.

from Cyber Security News https://ift.tt/THu5CZL

Identity management in a multi-cloud environment

Managing enterprise identities in a multi-cloud environment presents a challenge to cybersecurity leadership. Discover identity and access management (IAM) best practices here.

from Cyber Security News https://ift.tt/mNC8tQp

Michael Neuman named CISO at Backstop

Michael Neuman has been named the new Chief Information Security Officer (CISO) at Backstop Solutions Group.

from Cyber Security News https://ift.tt/Quih9X6

The cost of a data breach averages $15m

The overall average cost of a data breach is now $15.01 million, according to new Black Kite research. 

from Cyber Security News https://ift.tt/WjrdcsT

Telegram — the preferred method of anonymous communication among cybercriminals

Telegram has been growing in use among cybercriminals, Intel 471 found. 

from Cyber Security News https://ift.tt/1dkqori

The cybersecurity skills gap highlights the need for cyber-awareness training

With a significant cybersecurity skills gap and increasing cyberattacks, organizations need all the advantages they can get. A programmatic cyber-awareness training program is one such advantage.

from Cyber Security News https://ift.tt/JgUIzMe

Tenet Healthcare cyberattack cost $100 million

Tenet Healthcare reported it suffered a $100 million financial impact from a cyberattack, mostly caused by lost revenues and remediation costs.

from Cyber Security News https://ift.tt/ifeBhak

The new face of corporate espionage and what can be done about it

Learn about corporate espionage and three key steps security leaders and their companies should take to prevent data exfiltration and other insider threats.

from Cyber Security News https://ift.tt/hpX0OvE

Healthcare organizations must prepare for looming cybersecurity legislation

The Strengthening Cybersecurity in Medical Devices Act has been introduced in Congress — what ramifications will it have for healthcare security leaders?

from Cyber Security News https://ift.tt/DnVLB7o