Incident response is a critical pillar of an effective endpoint security program, one that will gain importance as GDPR enforcement comes into play on May 25. Organizations must be ready to react if and when an incident occurs in order to meet the stringent requirements that apply during an incident.
Thirty-four companies have signed on to the Microsoft-led Cybersecurity Tech Accord, which is aimed at protecting civilians from cybercriminal and state-sponsored attacks. The agreement crucially includes a pledge not to help governments with cyberattacks
Stung by signs of Russian influencing of the 2016 presidential election, the FBI is working with social media companies to bolster cybersecurity in advance of the 2018 mid-term election. Elvis Chan of the FBI describes these efforts.
Rob Rendell spent more than a decade in financial services. Now he has joined IBM Trusteer to help financial institutions fight fraud. How will his experience help his customers get their arms around the total cost of fraud?
Department of Homeland Security Secretary Kirstjen M. Nielsen warns that the U.S. will more aggressively move to punish those who conduct cyberattacks. Plus, the department plans to soon unveil a new cybersecurity strategy. Complacency, she says, "is being replaced by consequences."
Fraudsters are now gingerly testing the waters in central and Western Europe with attacks that drain cash machines of their funds, according to a trade group that studies criminal activity around ATMs. Jackpotting in the region rose 231 percent in 2017 compared to 2016.
At the opening of the RSA Conference in San Francisco, executives from RSA, Microsoft and McAfee offered an update on the state of cybersecurity, focusing on WannaCry. They called for the industry to work more closely together to protect not just individuals but also society.
While U.S. agencies and enterprises increasingly understand the nation-state cyber threat, they are woefully unprepared to respond to a sustained attack, says former State Department adviser Morgan Wright. What are we overlooking?
Social engineering attacks, including ransomware, business email compromise and phishing, are a problem that can never be solved, but rather only managed via a continued focus on security awareness training, says Stu Sjouwerman, CEO of KnowBe4.
The U.S. and U.K. warned Monday that Russian hackers have compromised critical internet infrastructure with the aim of spying, extracting intellectual property and gaining footholds for future cyberattacks.
Security researchers are claiming at least a temporary victory over an enormously productive malware distribution scheme that shuffled as many as 2 million users a day from legitimate websites to malware.
To stay ahead of evolving cyber threats, healthcare entities need to deploy a defense-in-depth strategy that includes tapping more advanced tools, including deception technology, says security expert Elie Nasrallah of HITRUST.
Email is still the most common attack vector as a preferred method utilized by attackers because of the overwhelming effectiveness. Phishing attacks have only been increasing and evolving to bypass modern security appliances, endpoint protection, and user awareness training.