As Cybersecurity Awareness Month kicks off this week, U.S. President Joe Biden has weighed in on his administration's efforts to curb cyberattacks and bolster the federal government's security posture.
Four federal agencies have been awarded $311 million to bolster the U.S. government's cyber defenses and address IT modernization challenges, according to the interagency board of the Technology Modernization Fund, a federal funding source, which made the announcement Thursday.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including why enterprises need a multilayered approach to securing identity, how fraud will evolve in 2022 and the need to secure backdoors to prevent ransomware attacks.
The latest edition of the ISMG Security Report features an analysis of how a cryptocurrency exchange bug has revealed North Korean monero laundering. Also featured are cyber insurance trends and cybercrime innovation.
A bipartisan effort to implement cybersecurity incident reporting and the tracking of ransomware payments has been introduced by leaders of the Senate Homeland Security and Governmental Affairs Committee. While it differs from legislation introduced in July, lawmakers hope to reconcile the bills.
Of all the areas under his direction - business continuity, GRC, data governance - third-party risk is the most challenging, says Peter Gregory, senior director of cyber GRC at GCI General Communications Inc. "Their breach is my breach," he says, offering mitigation advice.
The world is experiencing a cybercrime pandemic, which is a direct consequence of COVID-19, according to Amit Basu, CISO and CIO at International Seaways. He offers proactive prevention measures, based on his own experience, for how organizations can stay safe and secure.
The latest edition of the ISMG Security Report features an analysis of how the U.S. government has been tracking an increase in the pace of attacks tied to Conti ransomware. Also featured are what "protection" means today and building a new cybersecurity operating model.
The pace of Conti ransomware attacks has been increasing, with more than 400 organizations globally having fallen victim, warns a joint cybersecurity advisory from the U.S. Cybersecurity and Infrastructure Security Agency, FBI and National Security Agency, which details essential defenses.
The COVID-19 crisis has posed an unparalleled challenge for cybersecurity. Like COVID-19, cyberattacks spread fast and far - creating more and more damage. But the pandemic has also had a positive impact on the cybersecurity function, which Tarun Kumar, CISO at Nissan, describes here.
Organizations are asking more of IT, legal and compliance teams than ever before. They need to manage more data—from more data sources. They must comply with more e-discovery requests. And they're expected to do it all more efficiently. ESG explores these trends in detail in a wide-ranging survey of more than 500...
If you're not "on board" with the Functional Safety Standard EN 50128:2011 - “Railway
applications - Communication, signaling and processing systems - Software for
railway control and protection systems" - you'll need to run to catch up.
Currently the systems included under EN 50128 include
Like his peer CISOs, Amit Basu of International Seaways is concerned about complexity and the shifting landscape. But not just the threat landscape – he also is challenged by the shifting dynamics of business priorities and processes, as well as what "protection" in this new environment now entails.
CISA must update its plans to improve the security - both physical and cyber - within the nation's critical infrastructure, according to a report that specifically looked at issues related to the country's dams and levees. Attacks targeting critical infrastructure have raised the issue.
The Mēris botnet, responsible for huge waves of DDoS attacks recorded by cybersecurity firms Qrator Labs and Cloudflare, is still active, using "abandoned" MikroTik routers. The attack signatures saw a spike of 21.8 million requests per second, exploiting a vulnerable version of MikroTik RouterOS.