The insider threat is not a new risk for security teams. And, in the wake of COVID-19 and the newly remote workforce, there has never been a greater need for organizations to better balance their efforts to defend against both external and internal threats.
Maintaining security awareness is something that many companies struggle to maintain, particularly in the logistics and transportation sectors. Even though there are major threats to these industries, awareness of threats remains low.
A security team can sink an infinite amount of time and resources into strengthening your infrastructure, but it’s all for nothing if a default password is used by an exec, or someone in HR makes the mistake of responding to a clever phishing message.
Cybercriminals will always find the path of least resistance and for most organizations the easiest way in is through the people.
One of the most important realities for enterprises to accept is that software security can only happen if developers have both the tools and the training to code securely. Here, we speak to Chris Wysopal, Chief Technology Officer and co-founder at Veracode about trends in software security and what organizations can do to make developers better at secure coding.
Brian W. Lynch, a former FBI and Vanguard executive with leadership experience in security, risk, law enforcement, and anti-terrorism, will become the new Executive Director of Safety and Security at RANE (Risk Assessment Network + Exchange).
As companies begin to strategize how their employee office structure will look over the next several months – be it phasing in a portion of the workforce into the office or considering a fully remote workforce - top of mind will be the organization’s security posture and that IT teams can support the needs of employees and the business in a capacity that ensures a smooth, secure transition.
The Government Accountability Office (GAO) has released a new report, noting that the Department of Defense (DOD) has not fully implemented three of its key initiatives and practices aimed at improving cybersecurity hygiene and is at risk of cyberattacks.