The latest edition of the ISMG Security Report features an analysis of the city of Tulsa's decision to refuse to pay a ransom following an attack. Also featured: Johnson & Johnson's CISO on shifting priorities; mitigating quantum computing risks.
The Department of Homeland Security has issued a cybersecurity directive that requires the operators of oil and gas pipelines to report ransomware attacks and other security incidents to the government and take other security steps.
Customer data, PII, web apps – your strategic assets are digital, and they require a new degree of digital risk protection. In this exclusive panel, CISOs Todd Carroll of CybelAngel and TJ Hart of PlanSource discuss the needs, scope and practical use cases.
More than five months after the SolarWinds supply chain attack came to light, federal agencies continue to struggle with supply chain security, according to a top GAO official who testified before a House committee.
VMware is warning all vCenter Server administrators to patch their software to fix a serious vulnerability that could be used to execute arbitrary code as well as a separate authentication flaw. Experts warn that these and other recent flaws are likely to be targeted by ransomware gangs.
As the head of product security for LeanIX, Michael Lines is primarily focused on risk management, risk assessment and data governance. He tells why he believes that more security leaders and CISOs should focus on risk.
Researchers at Trend Micro say that about 50,000 IPs have been compromised across multiple Kubernetes clusters in a wormlike attack by the cloud-focused cryptojacking group TeamTNT.
The U.S. Department of Homeland Security is preparing cybersecurity regulations for the oil and gas industry in the wake of the ransomware attack on Colonial Pipeline Co. that resulted in the company suspending operations for several days, according to The Washington Post.
Where were you on May 25, 2018? That was the day the EU's General Data Protection Regulation went into full effect. Three years later, some legal and privacy experts say that while the global privacy discussion and expectations have evolved, GDPR still has some growing up to do.
A year ago, Chris Pierson and BlackCloak studied executives at top global pharma companies to learn the extent of password-based vulnerabilities. The findings weren't reassuring. Pierson revisited the study this year with a select few entities to see if the needle has moved in a more secure direction.
The increasing number of cyberthreats, especially ransomware attacks, is leading some cyber insurers to raise premiums and limit some coverage in hard-hit sectors, such as healthcare and education, according to a report from the Government Accountability Office.
Insurance company CNA's apparent decision to pay attackers a $40 million ransom and Colonial Pipeline Co.'s payment of a $4.4 million ransom are stirring debate over whether such payments should be banned under federal law.
The FBI is warning healthcare organizations and first-responder networks about Conti ransomware attacks, advising them to take measures to help prevent becoming a victim.
Ransomware attacks are stuck on repeat: Criminal syndicates have found an extremely profitable business model, and they're milking it for all it's worth. So give the city of Tulsa, Oklahoma, credit for having in place robust disaster recovery capabilities and vowing to remediate, rather than pay criminals.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.