The latest edition of the ISMG Security Report describes the accidental discovery of a Tesla software vulnerability. Also featured: an analysis of the latest ransomware trends and insights from former federal advisers Richard Clarke and Robert Knake on cyber resilience.
Like many risk-averse organizations, state and local governments are missing out on the benefits of full-scale cloud adoption because they are paralyzed by the complexities associated with trusting their data to a third party. It's no surprise that government agencies have concerns about storing citizen data in the...
Did you know that public exploits for business applications have increased 100 percent since 2015?Today, over 77 percent of the world's transactional revenue touches an ERP system, making these applications an attractive target for cyber criminals looking to profit from the highly-sensitive and regulated data that...
Hackers have repeatedly stolen valuable data - including launch codes and flight trajectories for spacecraft - from NASA's Jet Propulsion Laboratory in recent years, according to a new inspector general audit, which describes weak security practices.
With the volume of data breaches and cyberattacks continuing to rise, organizations are increasingly relying on breach and attack simulation tools to provide more consistent and automated validation of controls, says Cymulate's Tim Ager.
Xenotime, the group suspected of launching the Trisis malware attack in Saudi Arabia during 2017, has over the past few months shifted its focus beyond the oil and gas industry to target electrical plants and utilities, security firm Dragos reports.
Not all that crashes has been hacked. To wit, this past weekend there were multiple major outages, including much of Argentina and Uruguay going dark, as well as U.S. retailer Target's system problems leaving customers unable to pay for goods. But none of these outages were due to cyberattacks.
Upgrading to a new OS can be a significant headache for IT teams, taking
up a lot of man-hours and IT budgets. Since there is no automatic in-place
upgrade to transition from Win7's 32-bit to Win10's 64-bit version, the
migration process can be extremely time-consuming - involving multiple
manual steps that can...
Many organizations struggle with the scope of information security and digital risk. Making cybersecurity a true enterprise-wide effort is a challenge that sometimes isn't best to face alone.
Often, the biggest obstacle for information security officers is communicating and helping employees at every level...
Developing an effective, sustainable digital security program is a pressing challenge for organizations of all sizes. CIOs and CISOs are facing an increasingly complex risk and regulatory landscape, coupled with a shortage of skilled, experienced information security (IS) professionals to navigate these evolving...
The White House budget chief is seeking to delay a ban on the U.S. government using products manufactured by Huawei. In a letter to Vice President Mike Pence, Russell T. Vought, the acting director of the Office of Management and Budget, says organizations need more time to switch suppliers.
One of the most-heard complaints from security experts is that often they find their work repetitive ("The CFO's laptop has been compromised... again!"), which results in the desire of trying something "new", meaning "leave for another company." Another common complaint is that the work is very compartmentalized, and...
One of the most famous security breaches in recent memory, the hack of the US Democratic National Convention email server, was conducted via fileless attack. The hack was comprised of targeted emails from seemingly legitimate sources that contained links to infected web pages, which subsequently allowed hackers to...
Perhaps the most important measure that an organization can take is to shift its perspective on cybersecurity from one that focuses simply on perimeter defenses to one that also limits the dwell time of an attacker
who manages to penetrate its environment. This shift limits the potential damage the attacker can...
Technological advances can support the work done by both large and small teams of information security professionals by streamlining many processes and tasks, and enhancing security efficiency. In short, there are technological solutions that help information security teams manage and mitigate advanced threats. These...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
