Security firms must increasingly follow U.S. government security requirements even if they don't serve federal agencies themselves, says Avi Shua, Orca Security co-founder and CEO. That's because cloud vendors such as Orca often serve businesses that contract or subcontract with the U.S. government.
In the latest weekly update, ISMG editors discuss how organizations can comply with the new PCI DSS 4.0 requirements, whether other countries should follow the U.S. lead on legislating software bills of materials, and key strategies for CISOs preparing for an economic downturn.
Atos turned down an unsolicited $4.12 billion offer from rival Onepoint to acquire the French conglomerate's $4.8 billion cybersecurity, big data and digital business. Atos received a letter of intent Tuesday related to the acquisition of its Evidian business by Onepoint and private equity fund ICG.
Zscaler has bought out of stealth a startup established by the founders of Lacework to automate security management and dramatically reduce incident resolution time. ShiftRight will give customers real-time visibility into their security posture and help them manage an influx of risks and incidents.
Hackers may shift malware attacks into technical environments beyond the reach of endpoint detection and response, says Mandiant. The threat intel firm says it uncovered a novel malware family targeting VMware hypervisors and virtual machine appliances.
Over his 23-year career in cybersecurity, Tom Kellermann has focused on policy, endpoints and even strategic investments. Now, in his new role as senior vice president of cyber strategy at Contrast Security, his mission is to protect code security - particularly in the public and financial sectors.
The United States is arguably involved in a cyberwar against Russia and China - and appears to be losing. In this episode of "Cybersecurity Unplugged," Tom Kellerman of Contrast Security and Richard Bird of Traceable.ai discuss what the U.S. government and companies need to do to win this cyberwar.
The latest edition of the ISMG Security Report discusses what went wrong for Optus in the wake of one of Australia's biggest data breach incidents, the state of code security today and the growing trend of private equity firms pursuing take-private deals.
Jamf plans to buy startup ZecOps to extend its ability to detect and respond to sophisticated threats across Mac, iOS and Android devices. Jamf's proposed acquisition will provide threat hunting tools to determine if any advanced attacks have compromised mobile devices.
How do you assess the security of your own supply chain and provide assurances downstream? Knowing how to generate and leverage a software bill of materials (SBOM) is essential. In this webinar, you will learn how to satisfy regulatory and buyer requirements and build confidence and security into your software supply...
Identity protection, XDR, data analytics and cloud security have been SentinelOne's biggest investment areas, says CEO Tomer Weingarten. Cloud has become the fastest-growing part of SentinelOne's business, appealing even to customers who might have chosen a different vendor for endpoint security.
A compromise assessment answers the all-important question: Have you been breached? Even the most secure organizations routinely commission such assessments because attacks evolve, and corporate security cannot always keep up.
Download this whitepaper to learn more about:
Lifecycle of a targeted attack;
It’s estimated that 300,000 new pieces of malware are created and an average of 30,000 websites are hacked every day, a speed that makes it very challenging for security systems to recognize the newest threats.
By examining trends in ransomware targets, it is becoming clear that some threat actors are motivated...
Ransomware actors have intensified their attack campaigns by threatening critical infrastructure shutdowns, risking public health and safety, diverting vital public resources, and impacting data privacy.
Early detection of the intrusion allows an organization to accelerate their response, minimize the impact of...
Too often when software developers change jobs, they take source code they've written with them, feeling the code belongs to them even if it belongs to an employer. Code42's Joe Payne shares the challenges of detecting source code theft and ways to protect intellectual property wherever it resides.