Shifting demographics and digital transformation drive the risk associated with today's dynamic workforce.Gallup estimates nearly one in three U.S. workers already participate in the gig economy in some capacity. They create a revolving door of joiners, movers and leavers for IT and IAM teams to manage and they...
Video conferencing and collaboration systems are must-have tools for global companies. But new research by Forescout illustrates that elementary security errors in one vendor's system could have allowed attackers to snoop on meetings and view sensitive documents.
In this in-depth blog, a long-time cybersecurity specialist who recently joined the staff of Information Security Media Group sizes up evolving ransomware risks and offers a list of 11 critical mitigation steps.
Improving the security of diverse medical devices is a major challenge for a variety of reasons, according to security leaders at two device manufacturers, who spell out the key issues in this interview.
Several sophisticated cybercriminals gangs are targeting "fuel dispenser merchants" throughout North America, in some cases by planting malware within corporate networks to steal payment card data, Visa warns in a new alert.
What connected devices are sneaking into the enterprise, and the advent of 5G technology only broadens the potential attack surface. Diana Kelley of Microsoft discusses the growing risks from connected devices and how to approach mitigation in 2020.
DevOps started in 2009 and over a decade later we are still stuck in the DEVops phase. Will 2020 be the year of true DevOps, and will 2021 be the year of DevSecOps?
DevOps is a cultural change made possible by a series of tools that automate code development. It's supposed to be the next step of evolution, unifying...
The latest edition of the ISMG Security Report discusses why cyber defense teams need to think more like attackers. Plus, a case study on cross-border payment fraud, and an expert's take on security for the 2020 elections.
Black Hat Europe returned to London last week, featuring two days of briefings covering topics from cryptography and breach response to exploit development and application security. Plus, a packed business hall offered technical demonstrations. Here are visual highlights of the event.
Intel issued a firmware update on Tuesday to mitigate an attack developed by researchers, dubbed Plundervolt, which uses voltage fluctuations to reveal secrets such as encryption keys. The findings are the latest bad news for Intel as researchers have dug deep into its chip architecture.
McAfee's ownership team is exploring a deal to acquire NortonLifeLock, the renamed, publicly traded firm that was formerly the consumer and small business security division of Symantec, according to the Wall Street Journal, which cites "people familiar with the matter."
Is automation making more promises than it can keep?
Automation is still on the upward hype-cycle, according to Garner's 2019 Hype Cycle for Threat-Facing Technologies, which means that security teams too often expect stellar results from automation solutions with little expert oversight. The reality is the...
The latest edition of the ISMG Security Report offers an analysis of the FBI's security and privacy warnings about smart TVs. Also featured: discussions on the security of connected medical devices and strategies for fighting synthetic identity fraud.
Applying offensive hacking expertise and a more adversarial mindset to better hone not just network defenses but also public policy is proving effective, says Jeff Moss, founder and creator of the Black Hat conference.