As the world embraces renewables and green energy, is the energy sector properly learning from past cybersecurity mistakes? Rafael Narezzi, CTO of CF Partners, discusses current industrial cybersecurity shortcomings and the need for the industry to take a more mature and proactive approach.
Chaim Mazal, discusses the issues affecting CISOs, including how increased market share leads to increased problems and how having uniform, automated controls can provide security and enforce compliance.
Four ISMG editors discuss important cybersecurity issues, including the hot topics at ISMG roundtable discussions - such as challenges around software supply chain security, highlights from ISMG's upcoming Healthcare Summit, and how some cybersecurity vendors are creating their own venture funds.
Employees are leaving at an unprecedented rate. As a result, the Great Resignation has created more opportunities for data loss than ever before. According to the 2022 Voice of the CISO report, CISOs agree that protecting data has become an increased challenge. So, how do you protect your organization against data...
In today's extended enterprise, there are more endpoints than ever - and the adversaries will take advantage of any vulnerability. Nirav Shah of Cisco offers insights on the top five tips for defending these endpoints, as well as questions you need to be asking of prospective service providers.
Welcome to ISMG's compendium of RSA Conference 2022. The 31st annual conference covered a wide range of topics including cybercrime, cyberwarfare, zero trust, supply chain risk, ransomware, OT security, cyber insurance and jobs. Access 150+ interviews with the top speakers and influencers.
How effective are your existing security controls against a skilled adversary? The best way to find out is by running a penetration test. As this security practice becomes increasingly common, it can feel more difficult to ask, “what exactly is penetration testing?”
This guide aims to not only answer this...
In today’s dynamic environment, with the proliferation of a wide array of different security products and the high chance for misconfigurations, testing security is more imperative than ever, says Scott Register, vice president of security solutions at Keysight.
“The only way to see if all these products have...
CyGlass completed a management buyout from Nominet just two years after being acquired and wants to build an EDR stack via partnerships. Board and management changes at Nominet in 2021 resulted in the company returning to its registry roots and gave CyGlass workers the chance to buy the company.
Ransomware-wielding criminals constantly refine their behavior and tactics to maximize the chance of a payday, and recently they have been implementing fresh strategies for monetizing stolen data, says Steve Rivers at threat intelligence firm Kela.
"I'm concerned that at some point the Russians are going to launch cyber retaliatory attacks against the United States at election infrastructure and the transportation, financial and energy sectors," says Elvis Chan, supervisory special agent at the San Francisco Division of the FBI.
Recent draft guidance from the Food and Drug Administration represents a game-changer in how the makers of medical devices should approach the cybersecurity of their products, say Axel Wirth and Vidya Murthy of medical device security firm MedCrypt.
XM Cyber has purchased Cyber Observer to help customers ensure their security products are installed and configured correctly and not opening up potential attack vectors. The deal will help customers see both their areas of exposure as well as how their existing security controls can react.
The cloud. SaaS. Mobile workforces. An unstoppable wave of BYOD. Today, users and the applications they depend on are more widely distributed than ever. Networks are exposed and threats continue to evolve. But “lock it down” no longer works. IT Security teams need to achieve the same visibility and control they...
Effective security and risk programs require not just domain mastery but making security accessible to boards of directors and senior officers, says Karin Höne, the group chief information security and risk officer of South Africa-based multinational Barloworld.