The Senate Intelligence Committee's hearing about the supply chain attack that affected SolarWinds and dozens of other companies and federal agencies answered some questions about what went wrong but also raised four key issues.
Following the hacking of a Florida water treatment plant, CISA is warning the operators of other plants to be on the lookout for hackers who exploit remote access software and outdated operating systems - and to take risk mitigation steps. The advice applies to other organizations as well, some security experts say.
Citing a lack of coordination and transparency, U.S. Sens. Mark Warner and Marco Rubio of the Intelligence Committee are urging the four federal agencies investigating the cyberattack that targeted SolarWinds and other organizations to designate a leader for their investigative efforts.
As the investigation into the hacking of a water treatment facility in Florida continues, cybersecurity experts say the incident points to the urgent need to enhance operational technology security. Here are five key questions the incident raises.
If you're like most organizations, you are highly dependent on third-party vendors to efficiently run your business. On the flip side, vendors present risks which can have serious legal, financial and business repercussions, making vendor risk assessments more essential than ever. But how do you effectively assess...
Within the last few years, digital transformation and Cloud services have increased the
complexity of IT infrastructure, making you reliant on multiple third
parties to keep your data safe. The threat landscape has also increased in breadth and depth with more
attacks, more kinds of attacks and more targeted...
The physical breach of the U.S. Capitol by a violent mob, members of which allegedly accessed lawmakers' systems and stole devices, offers cybersecurity professional lessons to learn on authentication, encryption and more, says cybersecurity expert Brian Honan.
Cybersecurity is a legitimate - and significant - business risk, and it's time to frame the topic appropriately, says Robert Hill, CEO of Cyturus. He shares insight on how to discuss cyber risk appropriately with C-level leadership and the board of directors.
The COVID-19 pandemic has had a global impact on lives and businesses.
Expanded use of video conferencing and online services has enabled remote
workforces to continue operations. However, the need to quickly respond and
adapt to the situation may have caused some organizations to overlook security
With digital transformation come new applications and efficiencies in the cloud. But governance, visibility and access challenges also emerge. Ron Bennetan of Imperva shares strategies for improving data governance and security in the cloud.
What are the critical components of a strong enterprise cyber risk management program for healthcare entities? Bob Chaput, founder of security and privacy consulting firm Clearwater, outlines key factors in an interview about his new book on the topic.
With COVID-19 as a backdrop and 5G on the horizon, what will be 2021's top issues in identifying, protecting and defending against attacks across a dramatically expanded threat landscape? This latest CEO/CISO panel addresses the challenges of the new year.
The Cyber Risk Institute this week is releasing a new version of its "Cyber Profile" risk assessment framework for the financial services industry that includes expanded information on third-party risk and cloud security. Institute founder, Josh Magri, describes the updates.