The U.S. is setting up a Joint Ransomware Task Force, headed by the Cybersecurity and Infrastructure Security Agency and the FBI, as well as two international initiatives, chaired by the Department of Justice, to tackle illegal cryptocurrency activities related to ransomware.
In this edition, Ari Redbord and Grant Schneider join ISMG editors to discuss the challenges ahead for the U.S. government as it plans to roll out EDR deployments at more than half of federal agencies this year, how stable the stablecoin economy really is and how to improve industry collaboration.
In recent years, AI has emerged as required technology for augmenting the efforts of human information security teams. Bijender Mishra, CISO of Alkem Laboratories, discusses how cybersecurity teams can use AI to form powerful human-machine partnerships that improve cybersecurity.
DevOps is a movement that enables collaboration throughout the entire software delivery lifecycle by uniting two teams: development and operations. The benefits of DevOps can extend to security by embracing modern secure DevOps practices.
The security team’s way forward is to unify with DevOps in its four key...
Die DevOps-Bewegungen vereinigt Entwicklung und Operations - und zwar über den gesamten Prozess der Softwareentwicklung hinweg. Durch moderne DevSecOps-Praktiken lassen sich die Vorteile von DevOps auch auf das Thema Security übertragen.
Für mehr Sicherheit ist die Verschmelzung mit DevOps in folgenden Bereichen...
Die Regeln für den Schutz von Anwendungen und APIs haben sich geändert. Doch viele Unternehmen nutzen noch immer stark veraltete Sicherheitstools.
Laden Sie unser eBook herunter und entdecken Sie die neuen Regeln für die Web-App- und API-Sicherheit.
Erfahren Sie mehr zu folgenden Themen:
Warum Tools die...
When it comes to protecting applications and APIs, the rules have changed. Many organizations still use security tools designed for an earlier era.
Download our eBook to discover the new rules for web app and API security and why:
Tools must fight intent, not specific threats
There is no security without...
Pathlock has merged with Appsian to form a 500-person vendor that secures users and data across SAP and Oracle's ERP apps. Bringing Pathlock, Appsian and Security Weaver together will allow the firm to take a larger bite out of the $110 billion market focused on compliance testing for business apps.
There has been a rise in crypto fraud, and a substantial portion of it can be attributed to stimulus funding and paycheck protection programs, says David Britton, vice president of strategy, global ID and fraud at Experian. He discusses new authentication methods and stricter regulations.
Palo Alto Networks' product portfolio is paying dividends as customers look to reduce their vendor footprint, says CEO Nikesh Arora. He says despite pressures in the global economy, enterprises aren't currently stressing about their IT budgets.
Poor security configurations, weak controls and gaps in authentication protocols are among the common initial access vectors "routinely exploited" by threat actors, the Five Eyes cybersecurity alliance says. Firms offering cybersecurity services weigh in on the gaps and implementation challenges.
Criminals are doubling down on their use of information-stealing malware, such as Cryptobot, RedLine Stealer and QuilClipper, to steal private keys and siphon off cryptocurrency being stored in internet-connected hot wallets or to raid cryptocurrency holders' online exchange accounts.
EDR deployments will be underway at more than half of federal civilian agencies by the end of September, according to federal officials. CISA is currently in the process of deploying EDR across 26 federal civilian agencies and expects to have work underway at 53 agencies by Sept. 30, 2022.
The U.S. Cybersecurity and Infrastructure Security Agency has announced that it is temporarily removing a Windows protection defect from its Known Exploited Vulnerability Catalog because of a risk of authentication failures after the recent Microsoft patch update.
Google will offer customers access to the same technology it uses to lock down developer workflows to ensure open-source dependencies are addressed. Assured Open Source Software will allow clients to ensure third-party software they're using is scanned, analyzed and fuzz-tested for vulnerabilities.