According to Expel's Q1 2023 Quarterly Threat Report, criminals are exploiting 1- to 2-year-old vulnerabilities. This suggests organizations don’t know which vulnerabilities pose the biggest threats to their environments, said Andrew Hoyt, Expel's director of solution architecture.
Shadow IT strikes again: Britain's privacy watchdog has reprimanded the NHS Lanarkshire health board in Scotland after finding its staff used WhatsApp for the unauthorized sharing of patient data and images as a workaround for in-person clinical discussions during the coronavirus pandemic.
Generative AI offers productivity gains, but if deployed without due security precautions, it can also open up the organization to new cybersecurity threats. Rodman Ramezanian discusses the pros and cons of different approaches to exploit generative AI safely from a cybersecurity perspective.
A little-known cloud infrastructure provider called Cloudzy has been facilitating nation-state hackers, commercial spyware operations and ransomware affiliates' attacks by failing to keep a close eye on what its customers are doing, researchers at cybersecurity firm Halcyon warn.
Employees need technology that is easy to use and free of errors and that directs them to appropriate cybersecurity guidance when they have questions. Basically, they need technology that helps them to help themselves work more securely, said university professor Steve Furnell.
Atlanta-based trust intelligence firm OneTrust has balanced growth and profitability and now plans to use its $150 million funding round to boost its financial controls and processes and recruit a majority independent board to prepare for an eventual initial public offering, said CEO Kabir Barday.
As more organizations undergo resource and cost pressures, 86% of managed security services customers are deciding to consolidate security tools and outsource their security requirements, according to the OpenText Cybersecurity 2023 Global Managed Security Survey.
A Tennessee-based cardiac care clinic is notifying more than 170,000 patients and others that hackers may have stolen their sensitive personal and medical information in a cyberattack detected in April. The Karakurt cybercrime group claimed credit for the hack a month later.
Human Factor Security expert Robin Lennon Bylenga advised that in building an internal threat management program, it is imperative to not send mixed messages to the broader workforce. It's wise to conduct an assessment of human risk - not just IT risk, she said.
Synthetic ID fraud has moved beyond business-to-consumers to business-to-business fraud as more bad actors are opening fraudulent commercial accounts at financial institutions, said Dori Buckethal, vice president of risk and fraud solutions at Thomson Reuters.
Security is about more than technology, said Paul Watts, a distinguished analyst at the Information Security Forum. It's also about people and process, he said, with the ultimate goal of adding value to what the business is trying to do. Watts discussed how security leaders can achieve this goal.
Organizations struggle with governing the data that goes into and informs large language models since it's in documents rather than spreadsheets or SQL databases, said BigID CEO Dimitri Sirota. Companies need a more effective governance framework for managing unstructured data, Sirota said.
The ongoing rise in open source vulnerabilities and software supply chain attacks poses a growing threat to businesses, which heavily rely on applications for success. Between 70 and 90 percent of organizations’ code base is open source, while vulnerabilities such as Log4j have significantly exposed organizations...
Companies are increasingly concerned about the security of applications built on open source components, especially when they’re involved in mergers and acquisitions. Just like copyright for works of art, each piece of open source software has a license that states legally binding conditions for its use. Licenses...
Fears that cyber insurance coverage drives companies into paying ransomware demands more easily than not appear unfounded, concludes a British think tank study that also suggests insurers should do more to enact corporate discipline. Cyber insurance has been dogged by accusations of moral hazard.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.