An M&A due diligence process must include a comprehensive cybersecurity risk assessment, including all assets, threats, vulnerabilities and control measures, said Bradley Schaufenbuel, vice president and CISO at payroll and HR solution company Paychex.
Managing security in the oil and gas industry involves unique challenges as firms rely on both legacy systems and modern technologies. Many devices in use were built decades ago without current security guidelines, making them vulnerable to cyberattacks, said Bemi Anjous, CISO at Noble Drilling.
The Port Authority of New York and New Jersey is a major transportation hub that oversees regional infrastructure. Initially lacking an OT security program, John Ballentine of PANYNJ recognized the need to adapt security strategies to the unique demands of operational technology environments.
Microsoft announced in December that support for Windows 10 will end when the OS reaches end of life in October 2025, yet enterprise adoption of Windows 11 is moving slowly. Enterprise leaders believe migrating to the new OS will lead to compatibility issues and increase costs to upgrade devices.
Cloudflare's acquisition of Nefeli Networks aims to streamline multi-cloud networking by offering seamless integration and security across cloud platforms. The move simplifies cloud connectivity by providing a unified platform for businesses to manage their network and security policies efficiently.
A cyber threat actor is shifting tactics from conventional malware delivery to a targeted focus on acquiring NT LAN Manager authentication information to potentially collect sensitive data and perform other malicious actions. The campaigns have targeted hundreds of organizations globally.
A new report from the Office of the National Cyber Director calls for the universal adoption of memory-safe programming languages, but experts warned ISMG the process of overhauling legacy information technology and high-impact code can be daunting, costly and risky.
Australian telecom company Tangerine is blaming the compromise of a third-party contractor's credentials for exposing personal information of 232,000 customers, which had been stored in a legacy database. The breach exposed customers' names, birthdates, mobile numbers, addresses and account numbers.
In the latest weekly update, ISMG editors discussed the potential role of AI in cloud security, how the recent cyberattack on Microsoft by Russian state hackers highlighted the vulnerabilities associated with legacy systems, and how to secure APIs in the age of zero trust.
Security experts told ISMG they were concerned Microsoft could suffer future cyberattacks and threats to its customers after a Russian state hacking group managed to evade detection for several weeks while targeting accounts associated with the company’s top executives.
Vulnerability researcher Jesse Chick busted the tacit assumption that data centers are inherently more secure than other computing environments. Devices that are co-located in large data centers and those hosted on-premises share a lot of the same issues and vulnerabilities, he said.
In an age reliant on operational technology, ensuring robust security for diverse industries is crucial. Join us as we discuss operational challenges, highlighting specific threats faced by businesses today. Explore how the powerful alliance between HCLTech and Microsoft empowers organizations to safeguard critical...
Atos snagged the longtime European CEO of Accenture Technology to lead its soon-to-be-independent $5.76 billion cybersecurity, big data and digital unit. Yves Bernaert, 55, will split Atos' infrastructure and data management and business and platform solutions unit from its high-growth Eviden unit.
The rapid adoption of cloud is a double-edged sword. While it offers organizations great opportunities for embracing innovation, it also outpaces security measures, leaving gaps for attackers to exploit. James Campbell, CEO of Cado Security, discussed the risks and vulnerabilities.
Nearly every aspect of modern life depends on industrial control systems (ICS) operating as expected. As ICS devices become increasingly connected, they also become increasingly vulnerable. By and large, commercial and critical infrastructure industrial orgs are underprepared for the digital convergence of their IT...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.