The ever-expanding threat landscape and the continued talent shortage mean defenders increasingly need to be ready with the skilled talent to face the onslaught of cybercriminals, who are gaining momentum by employing new tactics, according to Pamela Nigro, ISACA board chair.
Many longtime employees have retired,...
Cybercriminals are becoming increasingly innovative and shifting toward more targeted and destructive attacks, using wiper malware, which was previously only used by APT-focused, nation-state actors. Also, ransom payment demands are reaching seven to eight figures.
Rising worries about the digital security of nongovernmental organizations in the Asia-Pacific region haven't translated into robust adoption of basic measures, shows data from a survey of more than 1,500 regional NGOs. NGOs attract hackers for motives including espionage, opposition and data theft.
President and CEO Sudhakar Ramakrishna says SolarWinds has done massive work implementing security into the build process since the company was hacked in late 2020. Testing, validating and qualifying the integrity of the company's source code has required significant effort, Ramakrishna tells ISMG.
In 2022, 56% of lower education organizations and 64% of higher education organizations were hit by ransomware in the last year.
This is a considerable increase from the 44% of education respondents that reported an attack in our 2021 survey (based on 499 respondents across lower and higher education).
Download...
As cybercriminals evolve their attack techniques, they pose greater risks to the government, businesses and individuals. It’s more critical than ever to improve your security strategy and proactively prepare for the next wave of cyberthreats.
The first step is to understand the latest attack trends and major...
A recent Deloitte digital transformation report found that organizations with higher digital transformation maturity ratings reported 45% revenue growth. Blurry digital boundries is the main reason more companies aren't digitalizing. The ambiguity supplies many opportunities for accidental data leaks and...
A host of emerging technologies - including artificial intelligence, 5G cellular, quantum computing, nanomedicine and smart hospitals - offer the potential to revolutionize healthcare, but organizations must carefully evaluate the security risks, federal authorities warn.
Cybersecurity threat modeling: automated tools or manual methods? It's not an either-or situation, say Stephen de Vries, CEO and co-founder of IriusRisk, and Adam Shostack, president of Shostack and Associates. Each approach brings unique business value, and they discuss the merits of both methods.
Banking and financial services depend on one thing above all else when they digitally transform: proving to customers and partners that information and finances are fully protected. Undertaking a threat modeling strategy offers significant business benefits and can help businesses get ahead of potential...
Thoma Bravo is eyeing its third take-private security deal of 2022, initiating talks with Darktrace months after agreeing to buy SailPoint and Ping Identity. The cybersecurity AI firm says it's in early discussions with private equity giant Thoma Bravo on a possible cash offer for the business.
It's not enough for medical device makers to provide a software bill of materials - there also needs to be close attention paid to how vulnerabilities in components are communicated and managed, says medical device security expert Ken Hoyme.
Halborn raised $90 million to expand its audit and penetration testing services and more effectively safeguard the crypto industry. The proceeds will bolster its protection for cryptocurrency lending protocols and better defend the money flowing into and out of the cryptocurrency ecosystem.
Business email compromise (BEC) is when threat actors use email fraud to attack organizations, deceiving people into doing something they believe is helping the company. To request funds from victims, BEC threat actors conduct a variety of scams impersonating coworkers, vendors, or customers.
Despite the...
Business email compromise (BEC) is when threat actors use email fraud to attack organizations, deceiving people into doing something they believe is helping the company. To request funds from victims, BEC threat actors conduct a variety of scams impersonating coworkers, vendors, or customers.
Despite the...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
