The shift to remote work during COVID-19 has prompted hackers to dramatically boost phishing attacks. The pandemic has led to users reading more corporate email on personal devices and opening messages while distracted by children or pets, increasing the chances they'll click on something malicious.
In the latest weekly update, ISMG editors discuss implications of the seizure of $3.36 billion in stolen bitcoin, whether the EU is complicit in the spread of advanced spyware, and the departure of the U.K.'s Dr. Ian Levy, technical director of NCSC, with some important parting words.
The United Kingdom and many other countries are considering ways to make banks liable for authorized payment fraud and lift the burden from millions of victims of online scams. Trace Fooshee, strategic adviser at Aite-Novarica Group, shares his views on why this might not be such a great idea.
Malware activity has increased 28% since last year, and botnet and exploit activity are up over 100%, according to CyberTheory's 2022 Third Quarter Review. CyberTheory Director Steve King says "a new approach to cybersecurity defense" is needed to fight today's cybercrime.
Fortra is the new name of security vendor HelpSystems, but the mission remains: Find new ways to help customers solve cybersecurity challenges. Mike Devine and John Grancarich of Fortra talk about the rebrand, the company's journey, including recent acquisitions, as well as the future.
Convergence of the threat landscape looms large for defenders, and Cybercrime as a Service potentially will enable more destructive attacks at scale. These are among the 2023 threat landscape predictions of Derek Manky of Fortinet's FortiGuard Labs. He shares these and other insights.
How are threat actors taking advantage of unsecured SAP deployments, and what are some of the truly unique aspects of securing SAP? Fortinet's Dan Schrader and Aidan Walden discuss the need to secure SAP migrations and share recommendations for improved defenses.
In the latest weekly update, ISMG editors share how amateur tactics employed by ransomware gangs are leading fewer victims to pay ransoms, why traditional identity controls can't protect against the growing authorized payment scams, and highlights from ISMG's Crypto and Payments Summit.
All employees should consider upholding the security of the organization part of their job regardless of their official role at the company, says Equifax Business Information Security Officer Michael Owens. But creating an organization-wide cybersecurity culture is easier said than done.
CISOs must focus on the business value they're providing, not the technical details of their work, when interacting with the C-suite and board. Don’t focus too narrowly on security risks and technical requirements and miss what the business wants to achieve, says David Nolan, CISO, The Aaron’s Co.
In 2021, U.S. mergers and acquisitions shot up 55%. In 2022, that percentage is set to climb even higher. The wave of post-COVID M&A demands that cybersecurity leaders improve their efficacy. Ben Murphy of Truist shares insight on where, when and how cybersecurity needs to influence the M&A agenda.
With fraudsters evolving their tactics and tricking a growing number of people with authorized payment scams, it's time for banks and security solution providers to explore new ways to protect consumers who are left holding the bag, says Ian Mitchell, managing partner at Omega FinCrime.
Organizations expect the IT security landscape to be consistent - from builds and hardware to operating systems - but for product security, everything Honeywell makes is a snowflake with flexible, highly tailored design across many technologies, says Honeywell Product Security Chief James DeLuccia.