Federal agencies and Defense Industrial Base organizations need to protect data. They can use the CMMC program, the DOD Zero Trust Strategy, the cybersecurity Risk Management Framework and NIST SP 800-53 with built-in security solutions to mitigate data loss and insider risk.
Atlassian added new urgency Thursday to a warning that customers with on-premises Confluence servers should patch immediately to protect against a vulnerability that attackers could exploit to destroy data. A publicly available exploit now exists for the vulnerability, tracked as CVE-2023-22518.
Secretaries of state and election administrators told the Senate Committee on Rules and Administration that local election offices are facing a critical lack of resources and funding to support essential cybersecurity measures ahead of the upcoming voting cycle.
Until Oct. 7, war was a topic Eli Matara read about in books. That changed when Hamas attacked Israel. "It's no more just a story," said the chief commercial officer of Israeli tech company MedOne. "It's real life." Matara discusses recovery and resilience in this exclusive interview.
Members of Congress don't agree on much these days. But a new bipartisan working group launched in the Senate on Thursday hopes to rally congressional support for potential legislation focused on improving the state of cybersecurity in the healthcare sector.
In the latest weekly update, ISMG editors discuss how Israeli tech companies are supporting the war effort, how the volume of ransomware attacks reached a record high in September and why retailer Costco faces privacy claims for its use of website tracking tools for online pharmacy customers.
Stolen and compromised credentials continue to be the crux of major health data security incidents involving cloud environments. But stronger credential management practices and a focused approach to "least privilege engineering" would help, said Taylor Lehmann of Google Cloud.
Fortinet plans to shift its R&D and go-to-market investments to the faster-growing SASE and security operations segments as growth slows in the network security market. The company expects "more modest growth" in the near term given that 70% of Fortinet's billings today come from network hardware.
Accenture acquired one of Spain's most prominent cybersecurity service providers to better support multinational companies with a presence in the country. The consulting giant said its buy of Madrid-based Innotec Security will add 500 cyber professionals to Accenture Security's 20,000-person staff.
Five regional hospitals in Ontario still have no access to patients' electronic health records and other critical data nearly two weeks after an attack on their shared IT services provider. Ransomware group Daixin Team claims it stole more than 5.6 million patient records in the attack.
A software supply chain security startup led by a longtime Google Cloud engineer closed a Series B round to help protect more open-source software. Seattle-area Chainguard said it can secure approximately 80% of the open-source software existing customers run in their enterprise today.
Oren Eytan spent 25 years in the Israel Defense Forces, rising to the rank of colonel and heading the IDF's cybersecurity unit. Now, as CEO of odix, an Israeli cybersecurity vendor, he is helping his country rebound from the Oct. 7 attacks and support the nation's war against Hamas.
Exterro has purchased a data discovery vendor led by a GE and Symantec veteran to help organizations detect, measure and remediate risk around structured data. The deal will allow Exterro customers to analyze structured data without ingesting tons of information or putting a load on company systems.
Texas-based mental healthcare provider Deer Oaks Behavioral Health is notifying nearly 172,000 patients that their information was potentially compromised in a ransomware incident, even though the attack was apparently quickly detected and contained.
The fallout from the SEC's charges of fraud and internal control failures against SolarWinds and its CISO has implications for the industry. Cordery Compliance attorney Jonathan Armstrong advises security leaders to "take heed and remember that the actions of today can determine your fate tomorrow."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.