CrowdStrike has purchased external attack surface management startup Reposify to help organizations detect and eliminate risk from vulnerable and unknown assets. This deal will allow CrowdStrike to combine its insights on endpoints and IT environments with Reposify's internet-scanning capabilities.
In the latest "Proof of Concept," David Pollino, former CISO of PNC Bank, and Ari Redbord, head of legal and government affairs at TRM Labs, join ISMG editors to discuss ethical concerns for CISOs, cryptocurrency regulations, and potential foreign interference in the U.S. midterm elections.
Learn how to ensure zero trust access to private applications in datacenters, Azure and multi-cloud environments. Leverage your Azure AD user store for Single Sign On (SSO) into any private resource, beyond just SAML-based web SSO.
When it comes to keeping your private apps private, on-prem VPNs lack the agility...
The basic idea behind zero trust is the assumption that all devices and users are untrustworthy until proven otherwise.
Often associated with an identity-centric perimeter, zero trust network access (ZTNA) architecture helps organizations reduce their attack surface by eliminating network-layer risks, but is not...
Internally hosted resources harboring sensitive PII or intellectual property may reside anywhere, from your on-premises data center to public cloud services such as AWS, Azure or GCP. Third parties accessing these resources pose an additional risk, expanding your attack surface to contractors, vendors, resellers and...
The demand for anywhere, anytime
access has grown as the workforce has
become more distributed and cloud
traffic continues to soar.
How can IT leverage a simpler, more
scalable method to securely connect
users to the applications they need?
By bringing network and security
functions closer to users and...
From SolarWinds to Kaseya, Accellion, Log4j,
or Okta, third-party security breaches are
among the most devastating for organizations
affected.
Defense against third-party risk is
a top-tier risk register item, and it is not a one-off either – you need
continuous monitoring to evaluate the security stance of...
Palo Alto Networks has been in a 19-month dry spell when it comes to major acquisitions, but it looks like that's about to change. Israeli business publication Calcalist reported Monday the firm is closing in on a deal to buy New York-based code risk platform provider Apiiro for around $600 million.
SandboxAQ bought French vendor Cryptosense to help organizations migrate and defend key stores and hardware security modules using post-quantum cryptography architecture. Combining SandboxAQ's network scanning capabilities with Cryptosense's visibility will help firms discard RSA-based encryption.
As the Federal Trade Commission focuses on data brokers that collect and share consumers' sensitive information, any company that participates in those activities needs to carefully review its practices, says attorney Daniel Kaufman, former acting director of the FTC's Consumer Protection Bureau.
CISA is months behind a deadline set by President Biden in 2021 to provide voluntary guidance on OT security controls for critical infrastructure firms, but the agency announced at a House subcommittee hearing its plans for public-private information sharing and grants to smaller organizations.
U.S. Democratic senators are urging the Biden administration to update HIPAA to enhance privacy protections over reproductive health data in the wake of the Supreme Court's decision to overturn Roe v. Wade and the constitutional right to abortion.
With concerns mounting over the poor state of internet traffic routing security, the U.S. departments of Defense and Justice, and cybersecurity leadership, are calling for the Federal Communications Commission to take a more active role in managing Border Gateway Protocol vulnerabilities.
Foreign investment into the U.S. will undergo added scrutiny for its implications to cybersecurity and data protection under an executive order signed by President Joe Biden. The order focuses on potential security risks of direct investors as well as their ties to third parties that may pose risks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.