Federal agencies could have prevented follow-on attacks after the SolarWinds supply chain attack by using recommended firewall configurations, but this step isn't always feasible, the Cybersecurity and Infrastructure Security Agency says.
The number of data breach notifications jumped 140% in 2020 from the previous year, with a surge in attacks against less-regulated industries, according to Kroll's 2021 Data Breach Outlook. Bryan Lapidus and Heather Williams of Kroll analyze the report's findings.
Title insurance company First American Financial Corp. will pay the SEC a $488,000 penalty as a result of a data breach revealed two years ago. Information security staff members were aware of the vulnerability in the company's EaglePro document-sharing system for five months but failed to fix it, the SEC reports.
Reproductive Biology Associates, an Atlanta-based clinic operator, and its affiliate, MyEggBank North America, report their systems were hit by a ransomware attack in April but say they regained control of their network and data after contacting the attackers.
How can organizations update their SOCs to ensure they keep up with evolving cyberthreats? Three experts - Sean Duca of Palo Alto Networks, Rishi Rajpal of Concentrix and Anish Ravindranathan of Tata Digital - offer insights.
It's been two years since Gartner first gave a name to Secure Access Service Edge. But it's quickly emerging as a popular architecture for digitally transformed enterprises. Elton Fontaine of Palo Alto Networks discusses SASE use cases for state and municipal government, as well as higher education.
A bipartisan group of senators is circulating a draft of a federal breach notification bill that would require federal agencies, federal contractors and businesses that have oversight over critical infrastructure to report significant cyberthreats to CISA within 24 hours of discovery.
For the second time in less than a year, Carnival has informed customers and employees of a data breach after an unauthorized intruder gained access to a portion of its IT network and infrastructure in March.
The daily peak of DDoS attack traffic increased 100% from January 2020 to May 2021, reaching 3 Tbps, with most of the high-bandwidth, high-intensity attacks originating from fewer than 50 hosting companies, Nokia Deepfield reports.
For most organizations, the rationale for employing data security solutions is crisis mitigation associated with potential data breaches - driven by compliance regulations, possible fines and reputation loss. There is, however, another compelling rationale for strong data security program that a growing number of...
As work from anywhere becomes the new normal, organisations across UKI – and beyond – must ensure that their employees can work remotely easily as well as securely while sacrificing nothing on the performance, stability, or productivity front.
To make that happen, many organisations have increased their...
SOC teams are struggling to keep up with the pace of today's threats. Weighed down by the sheer volume of security events and mundane manual processes, they miss the opportunity to investigate alerts thoroughly and remediate incidents rapidly and concisely.
Join this session to learn how:
To accelerate SOC...
The discovery of an unsecured database containing over 1 billion records related to CVS Health website visitor activity illustrates yet again how security missteps can potentially leave sensitive data exposed, some security experts say.
With the RSA Conference virtual this year, ISMG replaced its two live on-site studios with a suite of home studios and produced a diverse group of interviews on timely topics with thought leaders who will be solving cybersecurity's most urgent problems.