According to some researchers, up to 61 percent of recent data breaches were a result of a third-party vulnerability. Matan Or-El, CEO of Panorays, discusses the weakest links of supply chain security and how to strengthen them with automated tools.
CenturyLink has opened Black Lotus Labs, which focuses on threat research used to share information with customers as well as initiate takedowns of networks used to support cybercrime activities, says Peter Brecl, a director at the company.
Operating divisions of the Department of Health and Human Services need to shore up security controls - including access controls and software patching - to more effectively detect and prevent cyberattacks, according to a new federal watchdog report.
Facebook's data deals continue to be probed. A criminal investigation of Facebook by federal prosecutors in New York has resulted in records being subpoenaed "from at least two prominent makers of smartphones and other devices," the New York Times reports.
A closely held type of point-of-sale malware, DMSniff, is spreading further while another, GlitchPOS, has also emerged. Despite a surfeit of stolen payment card details on the black market, efforts to steal more continue, highlighting the continuing challenges around card security.
As organizations take on more ambitious digital transformation initiatives, their digital risk grows to new levels that require heightened management. RSA President Rohit Ghai explains the need for digital risk management.
Emily Heath is two years into her tenure as CISO at United Airlines. One of her key initiatives is to grow the company's security organization in a manner that emphasizes diversity, inclusion and skills.
Heading into the 2020 U.S. presidential election preseason, the FBI is squarely focused on defending against nation-state hacks or influence. Elvis Chan of the FBI talks about preparations for a cybersecure election.
Few internet-connected devices are built to be secure by default, and the problem is getting worse because many devices are connecting to poorly secured cloud services, says Ken Munro of Pen Test Partners.
In an exclusive interview, IBM Security GM Mary O'Brien talks with ISMG about her first year in this role, addressing the skills crisis, application security, the cloud and how to defend against cyberattacks.
Carbon Black and Optiv have released their 2019 Modern Bank Heists report, which unveils the latest cyber threats to global banking institutions. Report co-author Tom Kellermann discusses the findings and what they mean.
Today's workforce is increasingly working remotely and relying on a variety of devices and cloud services to accomplish their jobs. Organizations must support but also secure this push, or they risk driving employees to adopt shadow IT, warns Jon Oberheide of Duo Security.
The Chertoff Group recently participated in a tabletop exercise on defending against cyber-enabled economic warfare. What do the results say about U.S. defenses and resiliency? Adam Isles shares insights.
Security needs to keep pace with the application development life cycle to avoid becoming a roadblock, and automation can play an important role, according to David Meltzer and Lamar Bailey of Tripwire.
A ransomware attack last fall on a company that provides billing and other business services to health plans and hospitals resulted in a breach affecting more than 600,000 individuals, according to Michigan state officials. But what makes breach determination in ransomware attacks so difficult?