The SolarWinds attack has cybersecurity leaders everywhere taking a hard look at third-party risk. But it’s one thing to have a fresh strategy and quite another to actually start holding vendors accountable for their own security.
Download this expert briefing to learn:
The areas that risk managers commonly...
The gang behind ransomware dubbed "Cring," which has waged a series of attacks this year, is exploiting a Fortinet VPN server vulnerability that the company patched in 2019, according to a report from the security firm Kaspersky that analyzes one attack in Europe.
How much does it cost to recover from a ransomware attack? For the Scottish Environment Protection Agency, which was hit by the Conti ransomware-wielding gang on Christmas Eve, reported cleanup costs have reached $1.1 million. SEPA is still restoring systems and has refused to pay any ransom.
Whether it’s ensuring technology doesn’t go down, employees can work from home securely, or communicating to customers, developing a business contingency plan before a disaster strikes helps to mitigate risks. Unfortunately, many organizations don’t develop a continuity plan until it's too late--resulting in...
With vaccines on the way, there is light at the end of the 2020 tunnel. Once the threat of COVID-19 begins to lesson because of the vaccine, we can hopefully begin to see our economy bounce back. With a more hopeful eye to the future, OneLogin reached out to leaders across the Security and Identity and Access...
The Government Accountability Office is urging the U.S. government to respond more rapidly to cybersecurity issues, especially in the wake of the SolarWinds supply chain attack that led to the breach of nine federal departments as well as about 100 companies.
Left unsaid in Fat Face's "strictly private and confidential" data breach notification to affected customers this week was any indication that the fashion clothing retailer had paid a reported $2 million ransom to the Conti gang to unlock its systems. Fat Face has now confirmed the ransomware hit.
A third-party claims administrator of health and social services programs for the elderly apparently paid a ransom to Netwalker attackers about a month before global law enforcement officials disrupted the gang in January.
The U.S. electrical grid's distribution systems that deliver electricity directly to customers are increasingly prone to cyberthreats, and the Department of Energy needs to do more to protect this critical infrastructure, according to a GAO audit.
With the explosion of remote business, we are now digitizing many of our documents and processes. Entrust’s Jay Schiavo explains what new mindset this shift requires, what’s needed to ensure document authenticity and integrity.
The latest edition of the ISMG Security Report features cybercrime deterrence lessons learned from the disruption of the Emotet botnet operation. Also featured: An update on attacks tied to Microsoft Exchange flaw exploits; a discussion of the need to update business continuity plans.
Ransomware dominated the online-enabled crime landscape in 2020, some security experts say, thanks to the massive profits it's been generating and the relative ease of use for attackers - including support from a burgeoning cybercrime-as-a-service market.
This edition of the ISMG Security Report features an analysis of key takeaways from the breaches tied to flaws in the Accellion File Transfer appliance. Also featured: Equifax CISO Jamil Farshchi on transforming supply chain security, plus an analysis of how "work from anywhere" is affecting cybersecurity.