Nearly three weeks ago, Iran's state railway company was hit with a cyberattack that was disruptive and - somewhat unusually - also playful. Security firm SentinelOne says analyzing the wiper malware involved offers tantalizing clues about the attackers' skills, but no clear attribution.
As organizations prepare a plan for migrating to the Secure Access Service Edge, or SASE, model, they need to carefully assess the need for reorganization of the networking and security departments, says Nat Smith, senior director, security analyst at Gartner, which coined the SASE term.
Third party vendors are often the weakest link in your organization’s security ecosystem, since most security leaders do not have good visibility or oversight of their security controls. But as the recent breach of SolarWinds or HAFNIUM has made clear, managing third party risk is now an essential part of your...
North Korean hackers have been "targeting security researchers working on vulnerability research and development at different companies and organizations" to trick them into installing backdoored software that gives attackers remote access to their systems, warns Google's Threat Analysis Group.
The Hong Kong Monetary Authority's Cybersecurity Fortification Initiative 2.0, an updated version of a framework designed to strengthen cyber resilience in the banking and financial sector, will officially roll out in January and be implemented over the following two years.
TikTok and WeChat both received reprieves over the weekend that helped avert U.S. blocks of their social media apps. President Donald Trump says he has given his "blessing" to a deal that would see Oracle and Walmart take a stake in TikTok's U.S. operations. Separately, a federal judge suspended a WeChat ban.
An organization has successfully implemented a "zero trust" framework when it can achieve context-aware resolution of a risk, says Dr. Siva Sivasubramanian, CISO of SingTel Optus, an Australian telecommunications firm.
The world of third-party risk management is rapidly changing. Each day, organizations like yours face new security, privacy, and compliance threats when working with third parties. The good news is there are world-class teams around the world that are paving the way with new best practices for the next generation of...
The need for enhanced business agility and secure remote access to support digital transformation has led to the adoption of the security access service edge, or SASE, model, says Rajpreet Kaur, senior principal analyst at Gartner.
Implementing an adaptive, risk-based authentication process for remote system access is proving effective as more staff members work from home during the COVID-19 pandemic, says Ant Allan, a vice president and analyst at Gartner.
The emerging cloud-delivered service model known as security access service edge, or SASE, is designed to help simplify security for remote access, says Sean Duca of Palo Alto Networks, who explains how the model works.
Enterprises need to move away from manual threat detection methods to leverage artificial intelligence, which can help boost defenses, says Dr. Jassim Haji, president of Artificial Intelligence Society, Bahrain Chapter.
Organizations deploying deception technology must make sure to integrate it with other technologies to reap the full benefits of intrusion alerts, says Anuj Tewari, global CISO at IT Services HCL Technologies.