Articles Tagged with ''risk management''

U.S. President Biden has signed a new executive order imposing new sanctions on Russia for actions by "its government and intelligence services against the U.S. sovereignty and interests." The administration formally named Russian Foreign Intelligence Service (SVR), also known as APT 29, Cozy Bear, and The Dukes, as the perpetrator of the broad-scope cyber espionage campaign that exploited the SolarWinds Orion platform and other information technology infrastructures. 

Meet Ray Espinoza, Chief Information Security Officer at Cobalt. With over 20 years of technology experience and 14+ years in information security, Espinoza’s collaborative leadership style has enabled him to build information security and risk management programs that support business objectives and build customer trust. Here, we talk to Espinoza about common cybersecurity hurdles leadership teams may encounter when restructuring. 

The New Jersey Office of Homeland Security and Preparedness (NJOHSP) and New Jersey Regional Operations and Intelligence Center (NJ ROIC) launched New Jersey Shield on April 14, a program focused on strengthening information sharing and collaboration among the public and private sectors.

Biometric technology, and specifically its most modern iteration, facial recognition, has found its way into security systems essential to everyone. We rely on it to safeguard some of our most prized belongings, including our smartphones, laptops and now, with Apple Pay, even our bank accounts and credit cards. Security experts applaud facial recognition as one of the most secure and efficient means of authentication available today. Why then, has the industry most hinged on security and identification – Banking, Financial Services and Insurance (BFSI) – been so slow to adopt this new wave of technology?

Since Digital Shadows published its first report last year, Initial Access Brokers: An Excess of Access, the company has continued to closely monitor the IAB criminal category. Where it tracked roughly 500 IAB listings in all of 2020, already in 2021 it has found some 200 new listings published by IABs in cybercriminal forums and other dark web sources in just Q1.

Cybercriminals continue to exploit unpatched Microsoft Exchange servers. Cybersecurity researchers at Sophos report an unknown attacked has been attempting to leverage the ProxyLogon exploit to unload malicious Monero cryptominer onto Exchange servers, with the payload being hosted on a compromised Exchange server. 

Recently, TalentLMS partnered with Kenna Security to survey 1,200 employees on their cybersecurity habits, knowledge of best practices, and ability to recognize security threats. Here are some of the staggering results that offer some explanation as to why cybercrime has grown into such a lucrative business:

Zero Trust Architecture (ZTA) is a trendy term touted by cybersecurity vendors. But there isn’t a single ZTA solution. The architecture is composed of numerous components, that when taken together, form a new paradigm for dealing with cybersecurity that is appropriate in a modern world where corporate enterprises are no longer confined to a well-defined and trustworthy perimeter such as remote working and cloud environments. For reference, the National Institute of Standards and Technology (NIST) has created a very detailed ZTA publication 

The New England College of Optometry (NECO) formed a COVID-19 Task Force and began exploring ideas to enable in-person learning at the school in a safe, effective and well-planned manner. One of the solutions that NECO implemented is a contact-tracing tool that allows the school to respond immediately to report of an infection, accurately and effectively, without relying on a sign-in sheet or a person’s recollection of their previous contacts.