A startup founded by two Israel Defense Forces veterans and backed by the likes of Insight Partners and Cyberstarts could soon be acquired by CrowdStrike. The endpoint security firm is in advanced negotiations to purchase Silicon Valley-based application security posture management vendor Bionic.
A new IBM study of data breaches found that if an organization's internal team first detects a breach and the organization has well-practiced incident response plans, that organization will be able to more quickly detect and respond, which will lead to lower breach cleanup costs.
Despite the significant advances technology has made over the past few years, email remains one of the best tools for cybercriminals. Training is just one piece of the puzzle. The best defense against today's cybercrime landscape is a multilayered security strategy.
Resilience, not just compliance, is becoming healthcare's primary goal in managing cyber risk. Moving to a more resilient state requires continuous cyber risk management, which requires knowing how an adversary thinks and attacks to ensure that the appropriate safeguards are in place.
"Exposure management has become top of mind for most CISOs" due to three factors: the uncertain geopolitical landscape, the proliferation of the cloud and an increased focus on regulations and compliance, according to Sarah Ashburn, Chief Revenue Officer at Censys.
Attackers targeting the supply chain are "quite predictable in their movements; they want to persist their access, so they're looking for credentials," said Mackenzie Jackson, developer advocate at GitGuardian, who recommends deploying honeytokens to track the predictability of criminals' actions.
At the EU cybersecurity agency ENISA's recent conference on the cybersecurity upsides and downsides of AI chatbots, presenters urged "preparedness," recommending that cybersecurity professionals track the "warp speed" evolution of chatbots to target emerging risks as well as opportunities.
Technology and software-as-a-service, or SaaS, companies ship code at scale. Beyond Identity offers ways for them to solve the problems of phishable authentication factors, bring-your-own devices or BYOD, device security posture, zero trust risk policy enforcement, and user identity.
Ukrainian cyber defenders warn users for the second time this month to be aware of financially motivated phishing campaigns that load the SmokeLoader malware onto computers. Hackers behind UAC-0006 typically target computers used by accountants and look for banking and credential data.
Fifteen months after Russia intensified its illegal invasion of Ukraine, experts say top cyber defense lessons policymakers and defenders should apply include focusing on resilience. Building for resilience acknowledges the inevitability of ongoing attacks.
The purchase of promising early-stage startup Laminar by a large tech vendor would match many M&A deals seen in 2023. The downturn has made it tough for small startups to raise additional funding at an increased valuation, while the push for profitability has left big firms open to only tuck-in M&A.
A top challenge businesses face is the lack of knowledge about what digital assets they have, making it difficult to protect them, respond to attacks, and collect evidence. External threat intelligence and attack surface management are colliding as companies look to respond effectively to threats.
Digital transformation has expanded the attack surface with cloud and SaaS applications and led to more users working outside the corporate network, said Arctic Wolf president and CEO Nick Schneider. Midmarket businesses have prioritized security spending around detection and response.
Pre-RSA social media gaming predicted it. Many predicted they would loath it. And it happened: Discussions at this year's RSA conference again and again came back to generative artificial intelligence - but with a twist. Even some of the skeptics professed their conversion to the temple of AI.
Important lessons about security and risk management aren't being learned, remembered and applied by defenders amid organizations' rapid migration to the cloud, according to the finding that just 5% of security rules, on average, trigger 80% of all alerts, threat intelligence group Unit 42 warns.