As a former Marine with expertise in counterintelligence, Human Intelligence (HUMINT) and Technical Surveillance Counter-Measures (TSCM), Jason Passwaters leveraged his international war fighting experience and built uniquely qualified teams at iSIGHT Partners, and then in co-founding Intel 471. His military service taught him to emphasize three areas that can make threat intelligence more targeted and actionable for organizations.
As the light at the end of the tunnel becomes brighter, rethinking the hiring and onboarding process for security talent can be the difference between recovering out-of-work employees, getting them up to speed, and enduring unnecessary difficulties.
The Department of Homeland Security (DHS) will issue a directive later this week requiring all pipeline companies to report cybersecurity incidents to federal authorities. The directive comes two weeks after Colonial Pipeline, which operates the biggest gasoline conduit to the East Coast, was forced to shut down its 5,500-mile pipeline after a devastating ransomware attack.
In a breach notification letter filed with New Hampshire's Office of the Attorney General, Bose said that in early March 2021, the company "experienced a sophisticated cyber-incident that resulted in the deployment of malware/ransomware across" its "environment."
What the COVID-19 crisis is ultimately doing to the cybersecurity industry is shining a spotlight on the cybersecurity talent shortage. What is one of the only benefits of the critical issue, it's that it has allowed many in Northern Virginia to elevate and extend a slew of innovative measures that companies and region are implementing to combat the problem. As they set out to solve the industry talent shortage, Northern Virginia found the following strategies to be impactful steps in tandem toward a solution.
While authentication and authorization might sound similar, they are two distinct security processes in the identity and access management (IAM) space. Authentication is the security practice of confirming that someone is who they claim to be, while authorization is the process of establishing the rights and privileges of a user. Here, we talk to Tehila Shneider about authorization, authentication, and why authorizations remains a problem that is mostly unsolved.
The focus of cybersecurity protection shouldn’t always be about trying to anticipate the latest means or technology that could impact a business, but instead, focusing on the same tactics and how these can specifically adapt.
The threat landscape that organizations are facing is changing rapidly. Increasingly, senior leadership of multinational companies will have to think about the impact of an array of physical, cyber and digital risks to their organizations. To mitigate risk within the enterprise, there should be a renewed emphasis on how to restructure corporate security teams and how to reframe them within corporate structure. Here are some practical considerations.
The FBI identified at least 16 Conti ransomware attacks targeting U.S. healthcare and first responder networks, including law enforcement agencies, emergency medical services, 9-1-1 dispatch centers, and municipalities within the last year. These healthcare and first responder networks are among the more than 400 organizations worldwide victimized by Conti, over 290 of which are located in the U.S.
The increase in cyber insurance adoption and premium prices coincides with a changing — and more challenging — threat landscape, this according to a new GAO report on cyber insurance. The report describes key trends in the current market for cyber insurance, and identified challenges faced by the cyber insurance market and options to address them. To conduct the study, GAO analyzed industry data on cyber insurance policies; reviewed reports on cyber risk and cyber insurance from researchers, think tanks, and the insurance industry; and interviewed Treasury officials.
RSS
