Ransomware attacks are increasingly using multiple proven techniques to spread quickly and achieve the maximum impact before being thwarted. They are going to get bigger and target other platforms in the future, warns Justin Peters at Sophos APAC.
Publicis Groupe CISO Thom Langford discusses how best to measure your organization's true risk appetite and the business value of blending storytelling techniques into your security awareness programs.
A settlement between the state of New York and a company that provides support services to the healthcare sector serves as a reminder about timely breach notification, including in circumstances when law enforcement agencies are investigating an incident.
Former U.S. CISO Gregory Touhill says the federal government must rethink how it hardens its workforce to prevent cyberattackers from succeeding. Organizations, he says, should regularly conduct cybersecurity exercises to help build their cyber defense.
Bad security habits of consumers whose use of apps is skyrocketing is leading to increased risks for businesses as they ramp up their use of apps as well, says Neil Wu Becker, a global vice president at A10 networks, who emphasizes the need to enforce best practices.
To encourage individuals to improve their security practices, begin by not blaming them. That was one takeaway from security experts at the Infosecurity Europe conference, who offered practical tips for changing user behavior and creating a culture of security.
The identity of the individual or group behind the global WannaCry ransomware campaign remains unclear. But whoever wrote the ransom notes appears to have been fluent in Chinese and pretty good at written English, according to a linguistic analysis from security firm Flashpoint.
A report outlining new ways to recruit and retain cybersecurity professionals in the U.S. federal government leads the latest edition of the ISMG Security Report. Also, the sector considered the most cybersecurity challenged, and the growing interest in virtual private networks.
Legislation to direct the National Institute of Standards and Technology to create a set of tools, best practices and guidance to help small businesses protect their digital assets is heading to the U.S. Senate.
Like many other inventions now common in modern life, distributed cybercrime may seem trivial today. But this concept emerged little more than a decade ago and has already dominated the threat landscape.
Several recent health data security incidents serve as reminders of why healthcare entities need to stay focused on efforts to prevent and detect insider breaches, even as attention is diverted by headlines about hacker attacks.