Increasingly part of a physical security director's role: the branch of computer security that is specifically related to the Internet, with issues involving fraud and the protection of data transfers and a company's brand.
Help us recognize the unsung heroes of the security industry by nominating a security leader to be named one of Security magazine's 2021 Most Influential People in Security! We are looking to highlight enterprise security executives who, through their own organizations and externally, have made significant and influential contributions to the enterprise security profession and continue to push security forward both inside their own organizations and in the industry as a whole.
Peloton’s leaky API has allowed any hacker to obtain any user’s account data — even if that user had set their profile to private.
The vulnerability, which was discovered by security research firm Pen Test Partners, allowed requests to go through for Peloton user account data without checking to make sure the request was authenticated. As a result, the exposed API could let anyone access any Peloton user’s age, gender, city, weight, workout stats, and birthday.
SecureLink and Ponemon Institute today released a new report titled “A Crisis in Third-party Remote Access Security”, revealing the alarming disconnect between an organization’s perceived third-party access threat and the security measures it employs. Findings revealed that organizations are not taking the necessary steps to reduce third-party remote access risk, and are exposing their networks to security and non-compliance risks. As a result, 44% of organizations have experienced a breach within the last 12 months, with 74% saying it was the result of giving too much privileged access to third parties.
Thursday, May 6 is World Password Day, a day dedicated to promoting safer password practices. Strong password management has been especially important as cyberattacks have skyrocketed since the onset of the pandemic and the switch to remote work. Here, security executives share their insight and tips on how to create and promote safer password practices in the enterprise and among employees.
Lookout, Inc. released a report showing that mobile phishing exposure doubled among financial services and insurance organizations between 2019 and 2020. The Lookout Financial Services Threat Report illustrates that these organizations were not immune to mobile phishing despite an increased adoption of mobile device management (MDM).
Digital Shadows released new research into the movement of cybercriminal marketplaces with a feature on Genesis market. According to the Digital Shadows Photon Research Team, Genesis is a high-profile and trusted repository of digital fingerprints that has grown in popularity since it was launched in beta in 2017. In 2020, Genesis commanded 65% of mentions across criminal forums for fingerprinting services. While other markets have come and gone, Genesis continues to endure and has grown year-on-year. In the last two months alone, more than 5,000 new listings have been added to Genesis, bringing the total number of listings to more than 350,000.
As we continue to embrace hybrid work, chief information security officers (CISOs) and compliance teams are wading through and in some cases even overlooking many different areas related to collaboration security. We’ve highlighted the top three areas of risk in this post which should keep CISOs awake at night. The remote workplace continues to evolve at lightning speed, and so too should CISOs – or risk sensitive materials ending up in the wrong hands.
While a number of useful countermeasures are being taken across corporate boards, progress remains relatively slow in the face of borderline existential threats. Not so long ago, companies thought of cybersecurity as a technology problem to be overseen by the chief security officer or the chief information officer, or as a compliance issue to be managed with audit functions. Today, thankfully, a more holistic, proactive and analytical approach is generally taken. There is more security training and better hygiene and most boards now count a seasoned CISO as one of their directors.
Ransomware is one of the most prominent cybersecurity threats organizations face today. Any institution or company (small or large) can fall victim to ransomware – including schools, healthcare providers, educational facilities, non-profit entities, and government agencies. Cybercriminals that deploy ransomware attacks do not discriminate. Thankfully, there are ways to protect your organization from ransomware attacks. In this article, you’ll discover everything you need to know about ransomware as a chief information security officer (CISO), from its evolution to preventative methods to prevention.
Databases are the nerve center of our economy. Every piece of your personal information is stored there: medical records, bank accounts, employment history, pensions, car registrations, even your children's grades and what groceries you buy. Database attacks are potentially crippling, and relentless.