When employing a zero trust strategy at an enterprise, cybersecurity teams must consider instituting a least privilege policy — providing only strictly necessary access credentials to employees and revoking them when no longer needed.
Women make up only 24% of the cybersecurity field, according to an ISC2 study. Cybersecurity leaders Sharon Smith, Lori Ross O’Neill, Aanchal Gupta and Meg West discussed how to solve the problem of underrepresentation in the industry at the ISC2 Security Congress 2021.
Axio’s 2021 State of Ransomware Preparedness report reveals that organizations are not equipped to defend against ransomware due to deficiencies in implementing and sustaining basic cybersecurity practices, including managing privileged administrator credentials and ensuring visibility of supply chain risk.
The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) published a cybersecurity advisory regarding BlackMatter ransomware cyber intrusions targeting multiple U.S. critical infrastructure entities, including two U.S. food and agriculture sector organizations.
ThycoticCentrify released new research confirming that ransomware has become a preferred method for cyberattacks, with nearly two out of three companies (64%) surveyed admitting to be victims of a ransomware attack in the last 12 months.
Chris Jacquet, VP and Chief Information Security Officer (CISO) at Hitachi Vantara, explains how best to approach cybersecurity in the boardroom. Being prepared, honest and concise can help a CISO secure much-needed funding for their department.
Despite a company’s belief on how it would respond in the event of a ransomware attack, companies should consider opening a bitcoin account with a nominal amount of bitcoin in it so that it is at least is prepared to timely make the tough decision should the need arise.
Whether remote, in the office or in a co-working space, all employees must be sensitized to cyber threats. It is important not only to provide training for employees but also to give IT security a permanent place in the corporate culture.
Sukumar Reddy Saddi has been named Global Integrity Finance’s Chief Technology Officer. Saddi will lead the company’s end-to-end information technology strategy and development of financial applications.
Alex Jadrich, the Security Operations Manager at the Denver Zoo, outlines how physical security professionals can proactively mitigate risk by instituting an enterprise risk management program in their organization. In a presentation at the IFCPP’s 22nd Annual Conference, Jadrich highlights the benefits of enterprise risk management for physical security.
LendingHome, a real estate loan provider, has named Carrie Weber their new Chief Risk Officer. Weber will develop a risk management strategy for the firm and oversee risk and compliance issues.
(ISC)² published a new research study highlighting the unique challenges diverse cybersecurity professionals worldwide face and provides recommendations to create positive change.
The recent pandemic accelerated a trend towards remote work that has been ongoing for years and, as a result, accelerated usage of cloud-based collaboration platforms and their impact on the field of digital forensics. This article will discuss the trends and challenges associated with these platforms as they pertain to cloud-based data collection and its use in forensic investigations.
We spend a lot of time and effort so we can spot attackers — and for a good reason! But without visibility into our own organizations, we’re left with too much uncertainty. So how can you use more visibility to counter the fog of war?
The Identity Theft Resource Center’s data breach analysis for the third quarter of 2021 has been released, highlighting an uptick in breaches compared to the first half of the year. The U.S. is set to break its own record for most data breaches in a year in 2021.
CISA, the Federal Bureau of Investigation, the Environmental Protection Agency, and the National Security Agency have released a joint Cybersecurity Advisory that details ongoing cyber threats to U.S. Water and Wastewater Systems Sector.
A recent surge in cyberattacks, including SolarWinds and Colonial Pipeline, has intensified a focus on cybersecurity across industrial sectors and critical infrastructure. As a result, the U.S. government and other organizations within the nation’s defense supply chain have taken action to protect the critical assets and organizations that ensure the security and prosperity of our country.
With all the security strategies, architectures, automation tools and activities present, it can be mind-boggling to distinguish one from the other. Like many other security processes, penetration testing and threat hunting are often incorrectly equated. However, the difference between the two is that between prevention and detection.
