Identity and access management is more complicated when organizations rely on a cloud infrastructure, says Brandon Swafford, CISO at Waterbury, Connecticut-based Webster Bank, who describes the challenges in an interview.
Facebook is edging closer to launching its own cryptocurrency, with a rollout expected this year, The New York Times reports. But some critics argue that the project seems more like a trendy and unnecessary redressing of a PayPal-like system with a blockchain.
The latest edition of the ISMG Security Report features Greg Touhill, the United States' first federal CISO, discussing how "reskilling" can help fill cybersecurity job vacancies. Plus, California considers tougher breach notification requirements; curtailing the use of vulnerable mobile networks.
Ireland's privacy watchdog has its eye on Facebook. Ten of the 15 major investigations that the Data Protection Commission launched since the EU's tough new privacy law, GDPR, went into full effect in May 2018 are focused on Facebook.
An "authorized third party" exposed a Dow Jones database with more than 2.4 million records of risky businesses and individuals on a public server without password protection. The incident points to the importance of proper vendor risk management, security experts say.
Windows, MacOS and Linux operating systems don't sufficiently protect memory, making it possible for a fake network card to sniff banking credentials, encryption keys and private files, according to new research. Fixes are in the pipeline, but caution should be used before connecting to peripherals in public areas.
Guarding against threats targeting end users is among the top security priorities this year at a large group of surgical centers in Washington state - and artificial intelligence could play an important role, says CIO Curt Kwak of Proliance Surgeons.
Michael Cohen, former personal attorney for President Trump, told a Congressional committee Wednesday morning that the president was aware his longtime associate, Roger Stone, was in communication with Julian Assange of WikiLeaks about plans to dump a collection of hacked Democratic National Committee emails.
The U.S. military curtailed the internet access of an infamous Russian trolling operation around the mid-term elections in November 2018 to stem the spread of noxious disinformation and also directly contacted some of the troll-factory employees by name, the Washington Post reports.
Just days after Drupal warned of a "highly critical" flaw in its web services modules, hackers came calling, exploiting the content management system vulnerability to install cryptocurrency miners and other malicious software on sites, security experts warn.
Every threat hunt starts with intelligence. As one of the industry's most comprehensive knowledge bases for adversary behavior, ATT&CK provides a structure for hunters to build their hypotheses and search for threats.
Facebook's effort to stem the flow of fake news globally has been ineffective, allege some fact checkers who have collaborated with the social media giant to identify and debunk false stories. Is the social media giant merely conducting a public relations exercise?