Latest

Leadership & Executive Communication

Okta to Spend $1M Helping Nonprofits Improve Their Security

Michael Novinson  •  July 1, 2022

Identity titan Okta has awarded $1.02 million in grants to groups focused on linking nonprofits with the talent needed to configure and manage security technology. Nonprofits have limited access to infrastructure and human capital to address their cybersecurity needs, and Okta hopes to change that.

Cyberwarfare / Nation-State Attacks

ISMG Editors: Russia's War Has Changed the Cyber Landscape

Anna Delaney  •  July 1, 2022

Four ISMG editors discuss important issues, including how Russia's cyber and kinetic wars in Ukraine have changed the cybersecurity landscape, what recent layoffs at cybersecurity firms mean for the industry and how cybercriminals are taking a page out of the white hat hacker playbook

►

Email Security & Protection

The Criticality of Reporting Cybercrimes

Anna Delaney  •  June 30, 2022

For the seventh year in a row, business email compromise produced the largest losses of any type of cybercrime, according to Steve Dougherty of the U.S. Secret Service. He says organizations need to build and maintain relationships with law enforcement agencies before an attack happens.

►

CISO Trainings

Profiles in Leadership: Rob Hornbuckle

Mathew J. Schwartz  •  June 30, 2022

Beyond advising the seniormost levels of the business in the strategic use of technology, the need to recruit new cybersecurity professionals often also tops the list of tasks facing today's security leaders, says Rob Hornbuckle, CISO of Allegiant Air.

►

Cybercrime

Ransomware Groups Pursue Fresh Monetization Strategies

Mathew J. Schwartz  •  June 29, 2022

Ransomware-wielding criminals constantly refine their behavior and tactics to maximize the chance of a payday, and recently they have been implementing fresh strategies for monetizing stolen data, says Steve Rivers at threat intelligence firm Kela.

►

Events

Addressing Misconceptions About Cryptography

Anna Delaney  •  June 29, 2022

Organizations need to move away from spending money on perimeter security and instead focus on "protecting critical assets using encryption and key management," says Brad Beutlich, of Entrust. "At this point in time, the hackers cannot break encryption technologies," he adds.

Cyberwarfare / Nation-State Attacks

Russian Cyberattack on Ukrainian TV Channels Blocked

Mihir Bagwe  •  June 29, 2022

Ukraine says it has thwarted multiple Russian misinformation campaigns, including blocking attempts to penetrate the electronic systems of its TV channels on the eve of its Constitution Day holiday. It also flagged social media accounts spreading fake videos.

►

Events

The Future of Corporate Network Security on the Internet

Anna Delaney  •  June 29, 2022

The emergence of remote working, the cloud, and digital transformation initiatives are prompting companies to look toward replacing traditional on-premises firewalls, say Perimeter 81 co-founder and CEO Amit Bareket and CMO Gily Netzer. They discuss the future of securing hybrid work environments.

►

Events

Move From a Reactive to a Proactive State With Intelligence

Michael Novinson  •  June 29, 2022

Building out a threat intelligence program is no easy feat for even the largest and most resource-rich organizations, and the challenges are only amplified for smaller companies that have limited budget or personnel, according to AJ Nash, ZeroFox's vice president of threat intelligence.

Governance & Risk Management

Italian Watchdog Says Google Analytics a Privacy Violation

Prajeet Nair  •  June 28, 2022

Italy joined France and Austria in warning domestic companies to shy away from Google Analytics. The decision by the Italian data protection authority highlights ongoing legal uncertainty concerning trans-Atlantic transfers of commercial data.

Endpoint Detection & Response (EDR)

XM Cyber Buys Cyber Observer to Better Spot Cyber Exposures

Michael Novinson  •  June 28, 2022

XM Cyber has purchased Cyber Observer to help customers ensure their security products are installed and configured correctly and not opening up potential attack vectors. The deal will help customers see both their areas of exposure as well as how their existing security controls can react.

Cybercrime as-a-service

Ransomware-as-a-Service Gang LockBit Has Bug Bounty Program

Prajeet Nair  •  June 27, 2022

Ransomware-as-a-service gang LockBit has set up a bug bounty program for its malware and for exploitable vulnerabilities it could use to further criminal activities. Whether the program will go as planned is an open question. The gang is offering $1,000 to $1 million in remuneration.