The days of effective CISOs being pure-play technologists are long gone. Instead, CISO Paul Swarbrick says the role demands someone who is expert "in people, and management and risk," and who is skilled at bringing to bear the right experts for every strategic challenge they identify.
Networks and attack surfaces are changing fast - there's so much more than servers and endpoints. Now, you're responsible for securing everything from cloud platforms to DevOp containers to web apps. Cyber Exposure is an emerging discipline for measuring and managing cyber risk across this modern attack surface. This...
This 2018 Osterman Research Survey Report focused on understanding current security processes and how organizations are working to improve and automate them.
The research was conducted in the US, EMEA and APAC regions with 465 professional respondents who were knowledgeable about security policy management in their...
The FDA's procedures for handling cybersecurity concerns in medical devices once they are on the market are deficient, according to a new federal watchdog agency report. But since that audit was conducted, the FDA has been aggressively ramping up its activities around device cybersecurity.
Criminals wielding crypto-locking ransomware - especially Dharma/CrySiS, GandCrab and Global Imposter, but also SamSam - continue to attack. Insurance firm Beazley says cyber claims for ransomware have increased in recent months, with the healthcare sector hardest hit.
A new "playbook" co-developed by the Food and Drug Administration and Mitre Corp. aims to assist healthcare delivery organizations in responding to cybersecurity incidents involving medical devices. Julie Connolly, who helped develop the guide, explains how to use it.
Today's attack surface presents a growing challenge to CISOs looking to understand and reduce their cyber risk. When it comes to IT infrastructure, it's fair to say the perimeter has left the premises. Whether it's discovering short-lived assets (e.g., containers), assessing cloud environments or maintaining web...
A coding error in a portal of the Employee Retirement System of Texas inadvertently allowed some users to view the information of others, potentially exposing information on 1.25 million of its members. Why are breaches involving coding mishaps so common?
With at least 20 billion new consumer devices set to be internet-connected by 2020, initiatives in the U.K. and California are trying to ensure that as many IoT devices as possible will be out-of-the-box secure, for starters by not shipping with default passwords.
With so much focus on endpoint security, it's important not to overlook the importance of network-level security controls, says Lawrence Orans, research vice president at Gartner.
A Canadian home healthcare provider says it was able to recover from a recent ransomware attack without paying a ransom, but it had to revert to manual processes for several days. The incident illustrates the value of being well prepared to deal with cyberattacks.
While Facebook has invalidated 90 million users' single sign-on access tokens following a mega-breach, researchers warn that most access token hijacking victims still lack any reliable "single sign-off" capabilities that will revoke attackers' access to hyper-connected web services and mobile apps.
It's less than 10 weeks until your country's elections; do you know where your government's information warfare defenses and election security strategy are? The FBI says it's moving to counter information operations, while DHS is bolstering election security. But will it be enough?
Philips and Becton Dickinson have each issued multiple alerts this year regarding cybersecurity flaws in some of their medical devices. Some security experts say the two companies' transparency about cybersecurity issues - including new alerts issued last week - should be emulated by other manufacturers.
Layering defenses and maintaining strong security postures help mitigate risks as an organization's attack surface expands, says Narelle Devine, CISO of the Australian Department of Human Services.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
