Organizations' migration to the cloud is a broad term that encompasses many different trends: (1) Moving existing applications from private data centers to AWS, Azure, or the Google Cloud Platform as cloud service providers (CSPs), often referred to as lift-and-shift or infrastructure-as-a-service (IaaS); (2) Completely restructuring how applications are built to make heavier use of prepackaged services available on these cloud service platforms – often referred to as lift-and-reshape, serverless, or platform-as-a-service (PaaS); (3) Choosing to forgo running copies of standard applications instead of having the application vendor host them is sometimes referred to as drop-and-shop or software-as-a-service (SaaS).
With the emergence of major public health issues, or crises, such as COVID-19, grant funding for research and program development will be made available from various government agencies to help with the response. Additionally, foundations such as the Bill & Melinda Gates Foundation or Ford Foundation may provide the precious funds to perform the vital work to battle the at hand issue. If fortunate, those in receipt of funding to pursue the global health issue to be addressed will often utilize technology either developed or custom created and implemented to address the critical response, or in the case of COVID-19, slow the spread or research the creation of vaccines.
In new research from HelpSystems interviewing chief security officers in financial institutions about the security challenges they face, more than a third (35%) of survey respondents cite insider threats as one with potential to cause the most damage in the next 12 months.
Spoofed websites are a common avenue for cyberattacks. To better understand the scope of this phenomenon, it’s important for security professionals and organizations to know just how widespread the problem is.
(ISC)² released its 2020 Cybersecurity Workforce Study. For the first time, the study indicates a year-over-year reduction in the cybersecurity workforce gap, due in part to increased talent entry into the field and uncertain demand due to the economic impact of COVID-19.
Starting on December 8, Apple will require all third-party developers to detail their app’s privacy information, according to an Apple post. Security experts note that this new update (iOS 14) puts additional focus on user privacy, and in particular gives users better visibility into their personal information that is shared with third parties.
Security alerts are imperative for effectively mitigating and preventing cyberattacks. But, a key challenge of modern threat protection solutions is the sheer number of alerts they generate – leading to “alert fatigue.”
To learn more about the dangers of alert fatigue, we talk to Mark Kedgley, CTO at New Net Technologies (NNT).
The Office of the Comptroller of the Currency (OCC) reported the key issues facing the federal banking system and the effects of the COVID-19 pandemic on the federal banking industry in its Semiannual Risk Perspective for Fall 2020.
While the technical root causes are the same, the impact of an IoT botnet attack on consumer versus enterprise and industrial devices is vastly different. An attack on a consumer gadget could be limited to a privacy issue, whereas the effect of a successful breach on a commercial device can have a significant production or safety cost. That’s why it’s more critical than ever for IT and OT security professionals to understand and be prepared to defend against this growing threat.
One type of social engineering attack is the personalized-message, which often ends up in the hands of the CEO or another executive who would have access to sensitive files and information. Until recently, email was the dominant medium by a wide margin. However, recently, attackers have started to move to social media and text messages. What can you do about it?
RSS
