While a number of useful countermeasures are being taken across corporate boards, progress remains relatively slow in the face of borderline existential threats. Not so long ago, companies thought of cybersecurity as a technology problem to be overseen by the chief security officer or the chief information officer, or as a compliance issue to be managed with audit functions. Today, thankfully, a more holistic, proactive and analytical approach is generally taken. There is more security training and better hygiene and most boards now count a seasoned CISO as one of their directors.
Ransomware is one of the most prominent cybersecurity threats organizations face today. Any institution or company (small or large) can fall victim to ransomware – including schools, healthcare providers, educational facilities, non-profit entities, and government agencies. Cybercriminals that deploy ransomware attacks do not discriminate. Thankfully, there are ways to protect your organization from ransomware attacks. In this article, you’ll discover everything you need to know about ransomware as a chief information security officer (CISO), from its evolution to preventative methods to prevention.
BlackBerry Limited released its 2021 BlackBerry Threat Report, detailing a sharp rise in cyberthreats facing organizations since the onset of COVID-19. The research shows a cybercrime industry which has not only adapted to new digital habits, but also become increasingly successful in finding and targeting vulnerable organizations.
Life used to be simpler for security teams. In the legacy world, they had a clear understanding of the environment they needed to protect—typically the standard LAMP stack (Linux, Apache, MySQL, PhP). Within this straightforward, relatively static infrastructure, they could carve out a network layer all for themselves to implement the security technologies of their choice. They also had a direct line to vendors to discuss the security controls that needed to be implemented. But in the age of DevOps and cloud, things just don’t work this way anymore. Four key changes have left security teams struggling to protect applications and organizations.
State of Cybersecurity 2021 report finds that 61% of cybersecurity teams are understaffed
May 4, 2021
The pandemic’s disruption has rippled across the globe, impacting workforces in nearly every sector. However, according to the findings from the State of Cybersecurity 2021 Part 1 survey report from ISACA in partnership with HCL Technologies, the cybersecurity workforce has largely been unscathed, though all-too familiar challenges in hiring and retention continue at levels similar to years past.
In order to remain resilient and meet the emerging priorities around effective supplier management, improved business continuity planning, and increased community engagement, business leaders need to assess and benchmark their performance around three core areas of organizational resilience: operational resilience, supply chain resilience, and information resilience.
The National Security Agency (NSA) released the Cybersecurity Advisory, “Stop Malicious Cyber Activity Against Connected Operational Technology.” The CSA details how to evaluate risks to systems and improve the security of connections between OT and enterprise networks. Information technology (IT) exploitation can serve as a pivot point for OT exploitation, so carefully evaluating the risk of connectivity between IT and OT systems is necessary to ensure unique cybersecurity requirements are met.
Paul Suarez joins Casey's General Stores in the newly created Chief Information Security Officer position at the company, which operates 2,200 convenience stores across 16 states.
Zoom has joined the CVE Program as a CVE Numbering Authority (CNA). The CVE Program’s overall mission is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities that require third-party notification or coordination to fully remediate. Cybersecurity and IT professionals use CVE records to ensure they are discussing the same security issue, coordinate their efforts, and prioritize and address vulnerabilities. The program is an international, community-based effort and relies on the industry norms of the responsible and coordinated security community to discover vulnerabilities.
Human error contributes to almost 95% of security breaches. Most security approaches still fail at making a desired impact. Let’s analyze the two main reasons why businesses fail to develop a robust, human-centric security approach.
RSS
