Response to supply chain attacks has evolved thanks to increased awareness and education, but more work needs to be done to understand how challenges can be addressed more systematically, says Sean Duca, vice president and regional chief security officer, Asia-Pacific and Japan, Palo Alto Networks.
U.S. companies could see new cybersecurity rules and restrictions on consumer data collection under a rule-making process initiated by the FTC. No regulatory outcome is guaranteed, but today's advanced notice of proposed rule-making is a first step to new data security and privacy regulations.
In this episode of "Cybersecurity Unplugged," Apiiro's Moshe Zioni, vice president of security research, discusses the company's "Secrets Insights 2022" report on the real-world risks of hardcoded secrets across the software supply chain and how to mitigate the potential damage they can cause.
Black Hat USA 2022 opened with somber warnings from Chris Krebs about why application developers, vendors and the government need to solve major industry challenges. Key security executives also discussed DNS visibility, cloud security, patch management, APT strategies and supply chain woes.
More than two years after being notified of it, Microsoft issued a fix for a Microsoft Windows Support Diagnostic Tool vulnerability known as DogWalk. The fix is part of the operating system giant's newest Patch Tuesday dump, which includes patches for 141 flaws.
Virtualization giant VMware is warning users to immediately patch a range of its access and identity management products now that researchers have published proof of concept code for exploiting an authentication bypass. The company says it has yet to see in-the-wild attacks using the exploit.
A large number of security practitioners still don't understand the difference between security of the cloud and security in the cloud, says Archit Rajesh, group CISO at TeamLease, a human resources company headquartered in India. He discusses the complexities of cloud security.
ISMG caught up with 11 security executives in Las Vegas on Tuesday to discuss everything from open-source intelligence and Web3 security to training new security analysts and responding to directory attacks. Here's a look at some of the most interesting things we heard from industry leaders.
While Managed EDR can help in many endpoint scenarios, it’s important to be aware that going beyond the endpoint allows MDR and extended detection and response (XDR) to offer broader cybersecurity coverage.
Two hacking incidents - one reported by a Texas-based substance abuse treatment network that operates in several states and the other by a New Mexico community health center - have affected the sensitive medical information of nearly 300,000 individuals.
OneTrust has put nearly $1 billion in investment to good use, helping companies address data governance, security assurance, third-party risk and more, Chief Strategy Officer Blake Brannon says. OneTrust has taken on challenges such as monitoring the ethical use of data and verifying compliance.
Having been part of different industries has helped Gagandeep Singh, who is the CISO at IHH Healthcare Berhad, learn the various aspects of cybersecurity. He discusses how being a vendor and being a customer have helped him in his role as a CISO and what his work now entails.
The ongoing Russia-Ukraine war has featured cyber operations being used to target Ukraine as well as Russia. But CyberPeace Institute, which tracks cyberattacks tied to the conflict, has so far seen 27 different countries being affected by more than 300 attacks, and many have affected civilians.
It's not enough for medical device makers to provide a software bill of materials - there also needs to be close attention paid to how vulnerabilities in components are communicated and managed, says medical device security expert Ken Hoyme.
The managed security services market is both evolving and becoming crowded. Colin O'Connor, COO of ReliaQuest, offers insight into why many MSS offerings fall short and what customers going forward should demand in MSS security outcomes.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.