Federal agents arrested the alleged administrator of the criminal underground forum BreachForums, tracing him to a small town in New York's Hudson Valley. FBI agents say Conor Brian Fitzpatrick, a resident of Peekskill, confessed to being "Pompompurin."
Maintaining compliance is a difficult job -- both in scope and in practical application. Organizations need to comply with a vast array of regulations, and the number is constantly increasing. Compliance is consistently tightening; businesses and financial institutions now have to comprehend the new PCI-DSS 4.0...
Many enterprises want to move away from basic security configuration assessment tools that monitor for CIS controls but don’t have automated remediation or custom reporting. Beatrice Sirchis of Israel Discount Bank of New York shares her perspective on policy compliance beyond SCA.
The software risk landscape has changed – and not for the better. Malicious actors constantly evolve their tactics, techniques, and procedures (TTPs) to find new ways of infiltrating or disrupting organizations, and the software supply chain is now firmly in the crosshairs. A surge of sophisticated and diverse...
Software supply chain security (SCS) is rapidly gaining unwelcome notoriety as high-impact breaches hit the headlines. Third-party software suppliers SolarWinds, Apache (Log4j), and Kaseya have had far more than fifteen minutes of fame, alerting businesses and governments to the extent of structural weaknesses in the...
Ninety-four percent of recent survey respondents are concerned that TLS 1.3 will break their existing security controls. With the ever-expanding amount of encrypted network traffic mandated, it’s important to understand how to balance user and customer privacy with security controls. Join experts from Cisco Security...
In the wake of the pandemic, firms of all sizes have been hit with a new wave of changes and concerns. For many firms, remote and hybrid work is here to stay with some industries and regions experiencing a 10X increase from pre-pandemic levels. The advantages are lower employee and facility costs, but the...
Not complying with the numerous regulations and mandates, including international and U.S State civil codes, can mean serious penalties for enterprise firms. The average cost for exposing Personally Identifiable Information (PII) or intellectual property (IP) data now exceeds $4 million for breach remediation, $4M for...
The transition to PCI DSS v4.0 is a major inflection point for the payments industry – not only does it restructure how risk is assessed, but it also provides a better foundation for meeting ongoing technical innovation. While organizations with mature programs may need comparatively little uplift, all organizations...
Federal officials recently froze the assets of Ethereum blockchain cryptocurrency mixer Tornado Cash, stating that civil and potentially criminal penalties await those who use the service. On this week's "Sound Off," crypto expert Ari Redbord explains why the sanctions are "exceptional."
They’re necessary contributors to the business ecosystem, but there’s risk associated with third-party remote access, including bad actors lurking around every access point.
Domain name registrars track domain name owners via "whois" data, which is a crucial tool for investigators combating cybercrime. But Kroll's Alan Brill says that since the EU General Data Protection Regulation went into effect, many registrars no longer publicly share such information, and that's a problem.
Supply chain risk must be part of an enterprisewide risk management program framework, says information security manager Matt Marciniak of financial service firm Quantile. Reducing risk requires an agile approach to supplier management, he says.
For Cloud Service Providers (CSPs), FedRAMP authorization is the key to accessing the enormous Federal market, tapping into new revenue streams, and making cloud service offerings available for agency adoption and expansion. However, the associated high costs, extensive timelines, and operational burdens can often be...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.