A recent survey sponsored by Rockwell Automation finds that critical infrastructure organizations miss basic protections for operational technology, with 80% failing to conduct frequent asset inventory audits, 63% lacking real-time threat monitoring and 42% needing effective patch management.
HelpSystems acquired Dutch red-teaming startup Outflank to help critical infrastructure firms more effectively prepare for cyberattacks. The buying of Outflank will provide clients with a broader range of red-teaming software and services thanks to Outflank's tight integration with Cobalt Strike.
No secret: Public cloud provides the technical catalyst to the healthcare industry’s modernization and the keys to the kingdom in terms of globalization. The resulting access to usable swaths of data is invaluable - and high-risk. ClearDATA's Chris Bowen weighs in on mitigating the risks.
Last year, Rowland Johnson took on the role of president of CREST, the international not-for-profit membership body representing the global cybersecurity industry. Over the past 12 months, he says, he's taken time to "pause and reflect" and "define a new vision and mission" for CREST.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including implications of the Russia-Ukraine cyberwar, the former CISA director’s somber message to the industry at Black Hat, and how the cryptocurrency landscape is changing.
Implementation of security service edge technology has progressed over the past six months from early adopters to mainstream organizations, with requests for proposals around SSE projects now carrying tight deadlines rather than no deadline at all, says iboss co-founder and CEO Paul Martini.
Obsidian Security has in recent months invested in giving enterprises more visibility into how their SaaS applications are talking to other SaaS applications so that supply chain compromise can be more easily detected and thwarted, according to CEO Hasan Imam.
How do you know whether your organization has invested enough money and time in security? As director of information security for Canon EMEA, Quentyn Taylor is often asked this question. "I'll be honest with you - just to set some expectations here, I don't have the correct answer," he admits.
Infoblox has invested in shifting left in the cybersecurity kill chain with on-premises, cloud and hybrid versions of its BloxOne Threat Defense tools, which help security practitioners find and identify threats earlier and mitigate risks, says President and CEO Jesper Andersen.
Thoma Bravo is eyeing its third take-private security deal of 2022, initiating talks with Darktrace months after agreeing to buy SailPoint and Ping Identity. The cybersecurity AI firm says it's in early discussions with private equity giant Thoma Bravo on a possible cash offer for the business.
Research by Dun & Bradstreet says business identity fraud jumped 254% in 2020. Tools can help prevent this fraud but may create greater friction, say Andrew La Marca, senior director at Dun & Bradstreet, and Ralph Gagliardi, agent in charge, High Tech Crimes Unit, Colorado Bureau of Investigation.
Signal says 1,900 of its customers have been affected by the recent phishing attack on its third-party vendor Twilio. Signal says phone numbers and SMS verification codes of 1,900 customers are compromised, potentially transferring access of these accounts to the attackers.
Companies continue to struggle with prioritizing which vulnerabilities present the greatest risk to the business and need to be remediated first since vulnerability scoring is too often based on a static set of what could happen if an issue is exploited, says Qualys President and CEO Sumedh Thakar.
When security practitioners lose their initial enthusiam for hunting cyberthreats, their companies begin to fail at cybersecurity, says CISO Marco Túlio Moraes. He discusses how collaborating with the business lines and moving from awareness to education all around can help fix this problem.
Hybrid war includes cyberattacks, critical infrastructure attacks and efforts to get information. Victoria Beckman, director of Microsoft's Digital Crimes Unit in the Americas, says Ukraine used a national cybersecurity strategy to withstand such attacks from Russia and so can other countries.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.