Red Canary recently partnered with VMware and Kroll to conduct a State of Incident Response survey. Greg Bailey and Keith McCammon discuss the surprising findings – and how traditional IR programs are tested by the shifting threat landscape.
This edition of the ISMG Security Report features an analysis of ongoing investigations into the use of NSO Group's Pegasus spyware to spy on dissidents, journalists, political rivals, business leaders and even heads of state - and discussion of whether the commercial spyware business model should be banned.
As ransomware continues to pummel organizations, if they do get hit, then from an incident response standpoint, what are the essential steps they should take to smooth their recovery? Veteran ransomware-battler Fabian Wosar, CTO of Emsisoft, shares essential steps and guidance for recovery.
Saudi Aramco, one of the world's largest oil and natural gas firms, has confirmed that company data was leaked after one of its suppliers was breached. Extortionists are reportedly demanding a $50 million ransom - payable in monero cryptocurrency - for a promise to delete the stolen data.
A bipartisan group of senators introduced a federal breach notification bill Wednesday that would require federal agencies, federal contractors and organizations that are considered critical to U.S. national security to report security incidents to CISA within 24 hours of discovery.
Cybereason, Rapid7 and Microsoft announced acquisitions this week designed to boost their security capabilities. Meanwhile, DevOps security firm Sysdig made a move to add infrastructure-as-code security to its portfolio.
Two-factor authentication (2FA) is the simplest, most effective way to make sure users really are who they say they are. But, not every two-factor solution is the same. Some vendors only provide the bare minimum needed to meet compliance requirements – and some carry lots of hidden costs for deployment, operation...
Tech and security analysts predict enterprises will shift to passwordless authentication for users to enable modern digital transformation. This is mainly prompted by the problems that have plagued passwords: they’re costly and burdensome to manage; they cause poor user experiences; and they are easily compromised....
Remote access at massive scale brings with it new challenges. There are threats to users - like phishing, brute-force attacks and password-stealing malware. Devices are also targeted by exploit kits and known vulnerabilities affecting out-of-date software. VPN, RDP, third-party vendors, and cloud and web app access...
Three federal agencies released a 31-page Joint Cybersecurity Advisory Monday that describes 50 tactics, techniques and procedures that Chinese state-sponsored cyberattackers are using to target organizations in the U.S. and allied nations.
For the eighth time running, Splunk was named a "Leader" in Gartner's 2021 Magic Quadrant (MQ) for Security Information and Event Management (SIEM).
Thousands of organizations around the world use Splunk as their SIEM for security monitoring, advanced threat detection, incident investigation and forensics,...
is rewriting what a
successful financial services
organization looks like.
However, running an information-driven business in
this sector does not come without its challenges!
Finance is one of the most targeted industries by
cybercriminals. The rate of data breaches within
A greater level of cooperation is needed between the DOD and DHS to ensure that U.S. critical infrastructure is protected against various cyberthreats, according to an inspector general's report. The SolarWinds attack showed the need for more coordination between the two departments.
This edition of the ISMG Security Report features an analysis of comments from the former head of Britain's GCHQ intelligence agency, Robert Hannigan, on the changing nature of ransomware attacks. Also featured: Disrupting the ransomware-as-a-service business model; supply chain security management tips.