The latest edition of the ISMG Security Report discusses the cybersecurity challenges posed by the work-at-home shift. Also featured: Tips from NIST on developing remote worker security policies, plus a discussion of the nascent threat of AI meeting assistants.
Privileged access management is more critical as a result of the shift to telework during the COVID-19 pandemic and the ongoing movement of applications and data to the cloud, says Dr. Yask Sharma, CISO of a large national critical infrastructure organization in India, who outlines essential PAM components.
As telework has become the norm during the COVID-19 pandemic, ensuring new security issues arising from the use of shadow IT are addressed has become a more critical issue. Subhajit Deb, CISO at Dr. Reddy's Laboratories, offers insights on maintaining visibility so shadow IT can be better managed.
Washington state was the initial epicenter of the COVID-19 outbreak in the U.S., and Cris Ewell was at the heart of the crisis as CISO of UW Medicine. He shares his insights and lessons learned from supporting caregivers and a remote workforce during the pandemic.
Cybercrime groups and nation-state hacking gangs are continuing to exploit the COVID-19 pandemic to further their aims, U.K. and U.S. security agencies warn in a joint alert. While overall attack levels haven't increased, they say, "the frequency and severity of COVID-19-related cyberattacks" looks set to surge.
The COVID-19 pandemic has dramatically changed how we live and work - for now. But will some of these changes last beyond the crisis? If so, what impact can we expect on cybersecurity and privacy? Thought leaders Edna Conway of Microsoft, Michelle Dennedy of DrumWave and Wendy Nather of Cisco share their views.
Patch or perish alert: Less than 20 percent of vulnerable Microsoft Exchange servers have received a fix for a serious flaw that Microsoft first disclosed nearly two months ago, security firm Rapid7 warns. It also found a "concerning number" of Exchange 2007 servers, which Microsoft stopped supporting in 2017.
Australia is investigating how it can leverage data to slow the spread of COVID-19. This raises myriad privacy and security questions, including whether the public would embrace such a system and how long it should be in place.
Zero-day exploits are increasingly a commodity that advanced persistent threat groups can purchase and use to wage attacks, according to a report from security firm FireEye. The report says the number of attacks leveraging such exploits grew last year.
With a global remote workforce, the concept of secure identity has never been more critical. What is the present and future of identity? In a preview of an upcoming virtual roundtable discussion, SecureAuth's Bil Harmer shares his vision.
Identity and access management for the workforce? Cybersecurity leaders are all over that. But what about customer IAM? There's plenty of room to grow there, judging by Dallas roundtable discussion featuring Richard Bird of Ping Identity and Gray Mitchell of IDMWORKS.
As the COVID-19 outbreak has intensified, so too has cybercrime, including ransomware, Interpol, the international crime-fighting agency, warns. Despite some gangs claiming to no longer be targeting healthcare organizations, experts have seen "no abatement, empathy or free decryptor" from any of them.
Researchers at Boston University have written a research paper that proposes creating a smartphone app that uses short-range transmission technologies that can inform users if they have been in close proximity to a person infected with COVID-19 - while maintaining privacy.
Hackers are targeting Chinese government agencies and their employees by taking advantage of zero-day vulnerabilities in VPN servers to plant backdoors and other malware, researchers at the Chinese security firm Qihoo 360 report.
Zoom, responding to research that highlighted encryption and infrastructure shortcomings in its audio and video conferencing software, has promised to further revamp its security controls. With COVID-19 driving a surge in working from home, researchers have been closely reviewing the security of such software.