Much of the friction between CISOs and their general counsels, according to Ron Raether, partner at Troutman Pepper, is the result of ignorance. General counsels don't understand the full extent of IT and information security and often pin the blame on the CISOs, who become the scapegoats.
Hackers are attempting to infect a consumer-grade Wi-Fi router model with Mirai botnet malware following the discovery of zero-days in the device in a December hacking competition. TP-Link released a patch in mid-March. Telemetry shows infections in Eastern Europe and elsewhere.
An obscure routing protocol codified during the 1990s has come roaring back to attention after researchers found a flaw that would allow attackers to initiate massive distributed denial-of-service attacks. Researchers from Bitsight and Curesec say they found a bug in Service Location Protocol.
The transition to the cloud at a fast pace during the pandemic affects information security to this day, said Amer Deeba, co-founder and CEO, Normalyze. Cloud drove innovation but left organizations wondering where the data was going across multiple clouds and what was the best way to secure it.
As enterprises adopt new technologies for security, there is always a risk of vulnerabilities and gaps. NetSPI is a cybersecurity company focused on bridging this gap - from penetration testing and automation products in a unified data model to deliver better solutions.
Cybersecurity incidents can have high-profile impacts on the business - from schools to hospitals. But many incidents that disrupt businesses don’t make front-page news. SEI Sphere's Mike Lefebvre said it's time for security vendors to act as fiduciaries - in the best interests of their clients.
Six individuals - including five former employees of a Tennessee healthcare organization - have pleaded guilty to criminal HIPAA violations in an alleged scheme involving the sale of motor vehicle accident patient information to third parties. One of the defendants has been sentenced so far.
When you create proprietary code, even using a component of open-source code within a subcomponent could cause your project to become open-source code.Jeanette Sherman of Mend Security discusses the need to identify open-source code and the license types being used.
Digital communication has fundamentally transformed how businesses operate today, with employees relying on email, instant messaging and other tools to collaborate and communicate effectively. This shift has also introduced new security risks, as humans are a primary target for attackers.
Iranian hackers are deploying an updated backdoor apparently targeting Israeli academic researchers with an interest in Iraq. A group's newly dubbed "Educated Manticore" is sending Iraq-themed bait to coax deployment of an implant known as PowerLess.
OT attacks have doubled. Mark Cristiano, global commercial director of cybersecurity services at Rockwell Automation, discusses how organizations can develop a strategic approach to OT security that aligns with their risk profile, cyber maturity and ability to absorb change.
ISMG editors are live at RSA Conference 2023 in San Francisco with an overview of the latest speakers and hot topics, including the continuing conversation about generative AI and the decline and fall of blockchain. Join us for daily updates from San Francisco.
The increase in attack vectors and new threats has prompted companies to invest heavily in cybersecurity tools. But CISOs struggle with managing siloed products that do not integrate with each other. Consolidation of security architecture is a priority for CISOs, said Check Point's Itai Greenberg.
Cybersecurity is "a full-time task" that requires a lot of discipline, says Ajay Sabhlok, CIO and chief digital officer at Rubrik. He discusses tips for increasing your company's cyber maturity, ideas about how CIOs and CISOs can align, and advice on what not to do, such as pay a ransom.
An Indian court convicted 11 people for their roles in the North Korean heist of $13.5 million in 2018 from Pune-based Cosmos Cooperative Bank. The United Nations attributed the thefts to North Korea, which uses criminal activity, including financially motivated hacking, to obtain hard currency.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.