In light of emerging cyberthreats, including ransomware, organizations must change how they assess their cyber insurance options, says Ken Suh of Beazley.
With new threats targeting the nation's critical infrastructure, partnerships among government and private-sector security professionals are more critical than ever, says Brian Harrell of the new U.S. Cybersecurity and Infrastructure Security Agency.
Organizations need to create a "defensible" cybersecurity program that has a mandate and executive endorsement, says Gartner's Tom Scholtz. I. Here are some points to keep in mind when drafting a program.
Patch or perish redux: Hackers are unleashing automated attacks to find and exploit known flaws in SSL VPNs manufactured by Fortinet and Pulse Secure to steal passwords. The exploits come despite both vendors having released patches several months ago - Pulse Secure in April, Fortinet in May.
After two months of inactivity, the notorious Emotet botnet is poised to start delivering malicious code again; active command-and-control servers have been spotted in the wild, researchers at the security firm Cofense warn.
Where have all the hacktivists gone? While the likes of Anonymous, AntiSec and LulzSec became household names in the early 2010s, in the past three years the number of website hacks, defacements and information leaks tied to bona fide hacktivists has plummeted.
VMware is acquiring cloud security firm Carbon Black in a $2.1 billion cash deal to bolster the virtualization giant's security portfolio. It's also acquiring Pivotal, a company that focuses on helping its customers build applications in the cloud as well as through new technologies such as containers.
Hunterdon Healthcare in New Jersey is shifting applications to cloud providers in order to tap into security capabilities and innovation that doesn't run as deep in the integrated healthcare delivery system's own technology team, says Jason Tahaney, the organization's director of IT.
Ransomware-wielding attackers continue to target not just big businesses and large government agencies, but increasingly their smaller counterparts too. In Texas, officials say a campaign tied to a "single threat actor" infected 22 local government agencies on Friday.
Progressive companies seeking to improve their security are increasingly adopting bug bounty programs. The theory is that rewarding outside researchers improves security outcomes. But in practice, bug bounty programs can be messy and actually create perverse incentives, says bug-hunting expert Katie Moussouris.
Cryptomining malware has exploded on the threat landscape, becoming one of the most common malware attacks and posing a significant risk to your IT assets.
Here are the answers you need: what it does, how it gets in, and how to recognize and prevent it.
Download the report.
As businesses grow and change, so too does the nature of risk. Technology plays a critical role in managing risks related to one area in particular: third-party risk management (TPRM).
Adapting technology to industry-specific needs, a deliberate rollout strategy and effective change management processes all play...
Why is fraud that originates on mobile devices growing at such a rapid rate? Brooke Snelling and Melissa Gaddis of iovation offer an analysis in this joint interview.
The European Central Bank has closed one of its websites after its IT staff found that a hacker compromised some personal information on the site and also planted malware.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
