To help mitigate the risks of state-sponsored cyberattacks against India's critical infrastructure - and improve detection and response - requires industry collaboration and information sharing, root cause analysis with specialized forensics, and better testing of code, a panel of experts says.
The adoption of the Secure Access Service Edge, or SASE, model is being driven by numerous factors, including the need to bring down administrative costs and to effectively manage network security, according to a panel of experts who offer implementation advice.
Several healthcare entities are reporting health data breaches in the wake of an incident involving a vendor's employee who uploaded files containing patient data to the public-facing, open-source software development hosting website GitHub. How can entities avoid such mishaps?
A Kansas man faces federal charges for allegedly accessing the network of a local water treatment facility and tampering with the systems that control the cleaning and disinfecting procedures, according to the Justice Department. The charges follow a similar security incident at a Florida facility.
The latest edition of the ISMG Security Report features an analysis of recent “tell-all” interviews with members of ransomware gangs. Also featured: insights on securing IoT devices and mitigating insider threat risks.
To help prevent and defend against emerging cyberthreats, CISOs must develop a multi-line defense strategy and invest in threat-hunting capabilities and orchestration, a panel of cybersecurity experts advises.
Recent research highlights the growth in risky remote work behaviors. Dr. Margaret Cunningham of Forcepoint X-Lab discusses the implications of this increase in insider threats and shares risk mitigation strategies.
A Russian national who conspired to extort millions from electric car manufacturer Tesla by trying to plant malware in the company's network has pleaded guilty to a single federal conspiracy charge, according to the U.S. Justice Department. The FBI thwarted the plot before it could be carried out.
Insider risks are one of the top concerns of security and compliance professionals, and industry studies have shown that insider risks are often associated with specific user events or activities. Protecting your organization against these risks can be challenging to identify and difficult to mitigate. Insider risks...
To assist organizations with making actionable decisions on the adoption of contextually-aware platforms, Enterprise Management Associates (EMA) conducted primary, survey-based research on the current requirements, use, and outcomes of utilizing contextually-aware identity and access management (IAM) solutions.
The U.S. Marine Corps looks to expand its insider threat program and seeks proposals to include activity monitoring technology on its enterprise and classified networks. The goal is to give the Marines greater ability to monitor network traffic and stop insiders from exposing data.
Vulnerability management is more than assessment scanning. It involves the understanding of risk and the integrating of people and processes to remediate the most sensitive assets in the network.
Download this report to understand how enterprises must automate vulnerability prioritization and remediation. Moreover,...
Russian-Dutch multinational e-commerce company Yandex sustained a data breach in which 4,887 customer accounts were compromised after an employee with systems admin privileges gave unauthorized access to attackers.
Changes in work environments, including the transition to remote working, have led to an increase in demand for assessing and managing insider risk. Security and risk management leaders should evaluate how insider threat solutions can support their security objectives without alienating their workforce due to privacy...