If you want to anticipate a prospective hacker's moves, then you'd better be able to think like one. That's the position of Terry Cutler, an ethical hacker who dedicates his time to testing organization's cybersecurity defenses - and their people.
As data breaches increase in scale and frequency, businesses must ensure an effective, swift and well-orchestrated response. To help them, ISMG on Wednesday and Thursday will host a Fraud and Breach Prevention Summit in Mumbai offering insights from 20 leading CISOs and many other experts.
New research shows that the automation of five key security controls is lacking at a majority of organizations, says Ted Gary of Tenable.
A key reason why: the lack of skilled cybersecurity professionals.
Improving network security requires understanding your environment and controlling it before implementing network segmentation, says Nathaniel Gleicher of Illumio, who explains lessons that can be learned from the Secret Service's approach.
An employee of the NSA's Tailored Access Operations group has pleaded guilty to mishandling classified information. The material ended up in the hands of Russia after he copied it to his home computer, which had Kaspersky Lab's anti-virus software installed.
Roman Seleznev, the son of a Russian lawmaker who earlier this year received one of the longest sentences ever handed down in the U.S. for computer-related crimes, has been slammed with two more 14-year sentences. He was a key figured in the infamous Carder.su fraud marketplace.
Medical devices are increasingly used by cybercriminals to compromise networks, systems and patient data, says Dr. Jack Lewin of the consultancy Lewin and Associates, who's also chairman of the National Coalition on Health Care. That's why physicians should be advocates for better device security.
Connected medical devices are a significant potential new attack surface that may not be covered by security tools and systems, says Ariel Shuper of Check Point Software Technologies. How can healthcare providers immunize their medical devices against threats before they are compromised?
Centralizing cloud security through security brokers improves data protection and can enable organizations to use more applications, says Gleb Evfarestov of Bitglass.
Cyberattacks are evolving in many ways, including new schemes to steal credentials as well as assaults by lower-skilled hackers using ransomware-as-a-service products, says Eric Rydberg of Sophos.
Because cyberattacks continue to bypass next-generation security technologies, it's important not to underestimate the role humans play in attack detection and threat mitigation, says Rohyt Belani of PhishMe.
A commentary on the need for developers to be more deliberate in securing IT products leads the latest edition of the ISMG Security. Also featured: A report on Congress tackling voting machine security.
Organizations must consider using privileged access controls throughout their entire "stack" of applications, as well as during the app development stages, says Andy Givens of CyberArk.
In the annals of bad bugs for 2017, Apple's High Sierra fiasco could be No. 1. How does one of the world's most well-resourced software developers miss a glaring issue posted in one of its own forums?
Apple's latest desktop operating system, High Sierra, has a massive vulnerability that allows anyone to create, without a password, a "root" account that has access to all files on the computer. It's the third authentication-related fumble found in High Sierra since its general release in September.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.