In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including why security teams are still unprepared for cyberattacks over weekends and holidays, which experts warn is when attackers love to strike.
Security is a leading issue for most organizations. Even so, traditional security approaches often conflict with agile application development methodologies and DevOps practices.
While DevSecOps approaches can bring development, security, and operations teams together, it can be difficult to get started
A global pandemic has transformed the way companies operate, increasing reliance on remote work and cloud-based services. These transformations, however, increase the number of digital risks enterprises are exposed to. The overall lack of control and visibility of cloud-based services, shadow IT, and unsecure internet...
A criminal hack attack has disrupted healthcare in Canada's easternmost province and resulted in the theft of patient information and personal details for healthcare employees. The province of Newfoundland and Labrador disclosed the apparent ransomware attack on Oct. 30, and has yet to restore all systems.
Risk can be a confusing topic, summarized in heatmaps with low, medium, and high as the most accurate indicators.
While valuable to GRC pros, it’s only a small piece of the puzzle. And, more importantly, it’s decidedly not speaking the same language as the rest of the organization.
Risk professionals can now...
Marcus Rameke of Nikko Asset Management Group in New Zealand shares how he led the digital transformation journey to enable it to fulfill new business requirements using an agile approach that made staff more mobile and able to achieve better productivity and revenue and improve client satisfaction.
Managing risks begins with measuring risks. But how do you measure risks accurately? How do you share your findings in a meaningful way to both technical and non-technical audiences?
When measuring risk, the focus should be on what’s meaningful to your audience. And for the most important decisions about...
Federal regulators are reminding healthcare organizations about the critical importance of addressing security risks involving legacy systems and devices - including specialty software and gear - that are often difficult for entities to replace. What steps should entities take?
Findings from CyberTheory's 2021 Third Quarter Review indicate that criminals are exploiting the open-source supply chain, and those exploits are proving much more difficult to identify, defend and stop in terms of complexity and depth than we've seen before, says CyberTheory's director, Steve King.
As enterprises invest heavily in digital transformation, industrial cybersecurity will increasingly serve as the critical enabler for safely and securely advancing business goals through technological innovation.
While advancing connectivity and digitalization of operational technology (OT) provides significant...
Industrial asset owners know that protecting the integrity of their systems is critical for maintaining operations, but the challenges around cybersecurity vulnerabilities make that job much harder. As environments become more connected, and attackers become more advanced, staying a step ahead has never been more...
How many ways do U.S. businesses need to be told to lock down their systems to safeguard themselves from ransomware? That's the focus of a new, joint cybersecurity advisory from the U.S. government pertaining to BlackMatter, following an advisory issued last month about Conti.
In this update, four editors discuss key cybersecurity issues, including addressing the complexity of security, the rising number of victims targeted by double extortion ransomware and the Information Commissioner's Office's recent consultation on creating an international data transfer agreement.
MITRE, the not-for-profit organization that works across governmental and federal agencies, as well as various industrial verticals and academia, has set up The Cyber Infrastructure Protection Innovation Center and The Clinical Insights Innovation Cell to protect healthcare.