Managing digital risk and building resilience within your organization requires a comprehensive approach that doesn’t stop where your business ends. One also needs to assess and manage risk related to vendors and other third parties, because any threat to those operations can also impact your business.
Average total cost of a breach at enterprises of more than 25,000 employees is $5.52million according to a recent study by Ponemon Institute. This cost is $2.64 million for organizations under 500 employees. The cost of risk is real and growing. These statistics show the impact of just one type of risk, technology...
The rise in breaches over the past few years & especially during the ongoing pandemic has made it clear that many organizations are overwhelmed and struggling to manage risk. Manual assessments and siloed tools can’t keep up with today’s relentlessly changing risk landscape. Continuous monitoring is the key to...
The National Security Agency and the Cybersecurity and Infrastructure Security Agency have released new guidance on Kubernetes security, providing advice on securing container environments from supply chain threats, insider threats and data exfiltration risks.
Researchers at Palo Alto Networks' Unit 42 say they have demonstrated how exploits of Microsoft Jet Database Engine vulnerabilities could lead to remote attacks on Microsoft Internet Information Services and Microsoft SQL Server to gain system privileges. Microsoft recently patched the flaws.
Teleworking U.S. national security employees are putting sensitive data at risk if they use public Wi-Fi networks without using a virtual private network to encrypt the traffic, the National Security Agency notes in a new advisory.
The new BlackMatter ransomware operation claimed to have incorporated "the best features of DarkSide, REvil and LockBit." Now, a security expert who obtained a BlackMatter decryptor reports that code similarities suggest "that we are dealing with a Darkside rebrand here."
The lack of adequate security features in critical electric grid equipment that's made in other nations poses a serious U.S. cybersecurity threat, federal officials said this week. Supply chain attacks could take down the grid and result in a lengthy recovery period, they told Congress.
Two U.S. senators are looking to place additional restrictions on the use of telecom equipment from Chinese equipment manufacturers Huawei and ZTE by prohibiting using funds from the $1.9 trillion American Rescue Plan stimulus package to buy such equipment.
Ransomware operations continue to thrive thanks to a vibrant cybercrime-as-a-service ecosystem designed to support all manner of online attacks. Given that attackers first need remote access to victims' systems, robust patch management and remote desktop protocol security remain obvious must-have defenses.
Cyber insurance provider Coalition Inc. says its clients' average claims for losses when they were hit by a ransomware attack totaled $184,000 in the first half of this year, down 45% compared to the second half of 2020. Negotiating lower ransoms and more efficient recovery were key factors.
The Israeli government paid a visit on Wednesday to NSO Group, the company whose spyware is alleged to have been covertly installed on the mobile devices of journalists and activists. The visit comes as Israel faces growing pressure to see if NSO Group's spyware, called Pegasus, has been misused.