Traditional perimeter-based IT security models aren’t well suited for today’s world of cloud services and mobile users. Savvy attackers can breach enterprise networks and fly under the radar for weeks or even months.
Threat actors always find new and innovative ways to penetrate networks, steal data, and disrupt...
The oil and gas industry continues to be an attractive target
for cyber criminals, making it essential for companies to
adopt a more proactive approach to cyber defense.
Download this case study to learn more about:
How combining industry experience with the right technology can help your organization;
This multinational pharmaceutical
company’s supply chain was distributed
across multiple manufacturing plants
and countries. While it had a good
understanding of the number of OT devices
on its networks, it wasn’t able to clearly
see how assets were communicating and
where vulnerabilities and risks...
In the new world of increased cyber risk, approaches that bridge the
IT/OT divide are no longer optional – they’re mission critical. Executive
leadership expects CIOs and CISOs to anticipate and stay ahead of the
enterprise-wide threat landscape, including oversight of cyber risks
related to industrial...
Digital risk is everyone’s business, from the CEO to the end user. Yet in
many organizations, it’s the IT department that is tasked with managing
and minimizing it.
Gartner predicts that by 2023, 75% of organizations will expand their risk
management programs to address new cyber-physical systems...
As society deals with the second year of the COVID-19 pandemic,
organizations are accelerating digitization to survive and thrive. This
places more focus on operational systems, which are at the heart of
value and revenue creation.
Adding to challenges, cybersecurity is ranked by executives as the
Cyber-criminals have become thoughtful about ransomware attacks; taking time to maximize your organization’s potential damage and their payoff. Protecting your network from this growing threat is more important than ever. And nobody knows this more than Roger Grimes, Data-Driven Defense Evangelist at KnowBe4.
The U.S. National Security Agency has issued "zero trust" guidance aimed at securing critical networks and sensitive data within key federal agencies. The NSA adds it is also assisting Defense Department customers with the zero trust implementations.
A pair of U.S. House committees held their first public hearings into the SolarWinds attack, with lawmakers and witnesses offering support for expanding federal cybersecurity laws to address the security failures. This includes a larger role for CISA to conduct threat hunting.
Lazarus, the North Korean-backed advanced persistent threat group, has been conducting a campaign striking defense industry targets in more than a dozen countries using a backdoor called ThreatNeedle that moves laterally through networks and can overcome network segmentation, according to researchers at Kaspersky.
Integrating application security into your software development process is critical, but figuring out where to start can be confusing. Downloading Gartner’s Magic Quadrant for Application Security Testing (AST) is a smart place to start.
By reading the report, you’ll learn:
Why modern application...
The Federal Reserve's online money transfer system, including Fedwire Funds and FedCash, suffered an outage for more than three hours Wednesday afternoon, with the Fed citing technical issues as the cause and not a cyber incident. Systems were restored by late afternoon.
The CEOs of SolarWinds, Microsoft, FireEye and CrowdStrike rolled out a series of cybersecurity recommendations to a U.S. Senate panel Tuesday while detailing how foreign actors gained access into their firms' systems as a result of the SolarWinds supply chain attack.
French authorities are warning the country's healthcare sector of the discovery of a glut of stolen credentials, apparently belonging to hospital workers, that were found for sale on the dark web. The alert comes amid a recent rise in ransomware attacks on hospitals and other healthcare entities.
This edition of the ISMG Security Report features an analysis of the impact of a hacking campaign linked to Russia’s Sandworm that targeted companies using Centreon IT monitoring software. Also featured: a discussion of CIAM trends; a critique of Bloomberg's update on alleged Supermicro supply chain hack.