In this videocast interview, Theo Zafirakos, CISO, Terranova Security, provides expert analysis of the "Securing Your Third-Party Supply Chain in 2024 Survey" results, including a deep dive into the core conclusions, including the core detriments of poor visibility of cybersecurity awareness, and how to better...
Welcome to the report summarizing the survey, "Securing Your
Third-Party Supply Chain Through Security Awareness."
In late fall 2023, Information Security Media Group partnered with Forta's Terranova Security and surveyed over 100
senior cybersecurity professionals to identify:
The top organizational challenges in...
Federal regulators have released guidance that spells out voluntary cybersecurity performance goals for the healthcare sector. The document is a first step in fleshing out the Biden administration's strategy to push hospitals and other healthcare entities to adopt a stronger cybersecurity posture.
Mimecast announced the acquisition of human risk management solutions specialist Elevate Security as part of its initiative to enhance digital workplace protection. The move aims to address evolving cyberthreats by offering insights into human behaviors and risks and empowering customers.
In the latest weekly update, four ISMG editors discussed the number of ransomware victims who are paying a ransom to cybercriminals, the need for greater cyber resilience during wartime, and the critical role of human risk management in organizational cybersecurity in the era of remote work.
Javvad Malik, lead security awareness advocate at KnowBe4, delves into the transition from cybersecurity awareness to a robust security culture. He underscored the importance of user-centric security, engaging security training and flexible security measures - in addition to MFA.
Senior analyst Alla Valente discusses Forrester's "Predictions 2024: Cybersecurity, Risk and Privacy" report, which outlines five predictions to help security, risk and privacy leaders prepare for the coming year. She also discusses the significance of governance and accountability in the use of AI.
Kai Roer, CEO and founder of Praxis Security Labs, delved into the transformative potential of generative AI in reshaping the mindset and behaviors of security teams and organizations. Amid the buzz around large language models, he highlighted the need for a proactive and adaptive approach.
The Joint Commission is kicking off a new voluntary certification program for hospitals' "responsible use" of health data. The effort aims to help address growing privacy concerns over the secondary use of patient data by third parties for artificial intelligence initiatives and other activities.
Hospitals, clinics and doctor practices have long fallen victim to cyberattacks and breaches kicked off with phishing emails. But with the advent of AI-augmented phishing, the lures are more convincing and could lead to even more scams targeting healthcare organizations, federal authorities warned.
While a significant number of attacks are not yet AI-driven, there's a noticeable shift in the creation of generative malware and lures for business email compromise, warned Ashan Willy, CEO at Proofpoint. LLMs are being used to create enticing lures in foreign languages to target broader audiences.
Many security awareness training programs fail because organizations don't understand the risks they face, said Culture AI's John Scott. He said a successful training program "will help people by making sure that it's targeting the behaviors that address the key risks for the organization."
ServiceNow wants to apply generative AI to its knowledge around how customer environments are configured to help organizations harden their digital attack surface. Security product leader Lou Fiorello said ServiceNow will use generative AI to leverage its presence across the entire enterprise.
Employees need technology that is easy to use and free of errors and that directs them to appropriate cybersecurity guidance when they have questions. Basically, they need technology that helps them to help themselves work more securely, said university professor Steve Furnell.
With social engineering attacks escalating, security organizations should embrace better cybersecurity awareness training to protect their organizations against insidious schemes, said Barry Coatsworth, director of risk, compliance and security at Guidehouse.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.