A hybrid workforce, heightened insider risk, 5G concerns over the expanded attack surface - these are the "more" that people reference when they talk about "doing more with less" in 2021. A CEO/CISO panel discusses how security leaders prioritize budget allocations for these concerns.
A former Cisco engineer has pleaded guilty to causing $1.4 million in damages to his former employer. Sudhish Kasaba Ramesh admitted to deleting 456 virtual machines that affected 16,000 WebEx accounts for weeks, according to the Justice Department.
News that a malware-wielding gang of Russians targeted Tesla by attempting to work with an insider should have all organizations asking: What would happen if extortionists attempted to bribe one of our employees to install malicious code designed to steal corporate secrets for ransom?
Tesla CEO Elon Musk says a "serious attack" aimed at stealing corporate data and holding his company to ransom has been thwarted. The FBI has accused a Russian national of attempting to recruit an insider to install malware to steal data, which criminals hoped to ransom for $4 million.
The "zero trust" model can play a critical role in mitigating emerging threats. That's why Information Security Media Group will host on Aug. 4 a virtual cybersecurity summit for Southeast Asia on applying the model.
The "zero trust" model can play a critical role in mitigating emerging threats. That's why Information Security Media Group will host on July 27 a virtual cybersecurity summit for India on applying the model.
Following Twitter's admission that cryptocurrency scammers socially engineered its employees to gain control of 45 high-profile accounts, one reaction has been: Why didn't anyone crack Twitter sooner? Unfortunately, the answer is that they have, especially if you count nation-states bribing insiders.
Twitter says attackers who hijacked more than 130 high-profile Twitter accounts used social engineering to bypass its defenses, including two-factor authentication on accounts. Experts say companies must have defenses in place against such schemes, which have long been employed by fraudsters.
As companies lay off employees and deal with financial challenges during the COVID-19 pandemic, they're also facing an increase in the number of insider fraud incidents, says Randy Trzeciak, director of the National Insider Threat Center at Carnegie Mellon University, who offers fraud detection tips.
An identity and access management strategy for a hybrid cloud environment should include single sign-on as well as multifactor authentication, says Andrew Koh, deputy general manager and regional lead-Risk at Habib Bank Ltd. in Singapore.
As the risks to IT and OT converge, organizations must ramp up their threat intelligence information sharing mechanisms and build a more comprehensive cybersecurity policy, says Singapore-based John Lee, managing director of GRF Asia, a federation for building global resilience.
The latest edition of the ISMG Security Report analyzes the surge in the use of employee monitoring tools for the increasingly remote workforce. Also featured: Discussions about IoT security guidelines and CCPA compliance requirements.
With so many employees working from home during the COVID-19 pandemic, vendors of time-tracking and productivity-monitoring software report surging interest in their wares. Regardless of whether organizations deploy light-touch or more Big Brother types of approaches, beware potential privacy repercussions.
The latest edition of the ISMG Security Report discusses global progress on adopting standard digital identifiers. Plus, a former cybercriminal discusses emerging fraud trends, and an update on the evolution of e-signatures.
To mitigate cyberthreats, telecommunications companies in the GCC region need to enhance their incident detection and response capabilities, says Doha, Qatar-based Mustapha Huneyd, former global CISO of Ooredoo, a regional telecom firm.