Recent hacking incidents, including one targeting Twitter, are raising awareness of the importance of privileged access management, says David Boda, group head of information security for Camelot Group, operator of the U.K. National Lottery. He describes PAM best practices.
The latest edition of the ISMG Security Report features a discusssion with Equifax CISO, Jamil Farshchi, on the lessons learned from the credit reporting firm's massive data breach three years ago. Also featured: Australians' driver's licenses leaked; privileged access management tips.
The number of cybersecurity incidents reported to the U.K.'s data privacy watchdog has continued to decline, recently plummeting by nearly 40%. But is the quantity of data breaches going down, or might organizations be failing to spot them or potentially even covering them up?
While nearly three-quarters of cybersecurity professionals would grade their organization's
ability to identify and mitigate a cyberattack, as above average or superior, nearly half have
been subject to a spear-phishing attack and a third have suffered a malware incident in the
last year. Further, over half of...
Business email compromise (BEC) and email account compromise (EAC) are complex problems that require multi-layered defenses. Cyber attackers have countless ways of tricking your users, preying on their trust and exploiting their access to key data, systems and resources.
To succeed, attackers need to find just...
The Reserve Bank of India's draft of a framework for new self-regulatory organizations, including one that would help oversee payment system operators, fails to adequately address security issues, some observers say.
He'd worked at NASA, Visa and Time Warner and stepped in at Home Depot after it was hacked in 2014. But nothing quite prepared Jamil Farshchi for the spotlight he'd face when he took over as CISO at Equifax after its massive 2017 data breach. He discusses how the Equifax security organization has rebounded.
The COVID-19 pandemic is forcing big businesses to rethink their security plans. For example, the National Football League is experimenting with "zero trust" architectures, while Jet Blue is focusing on more frequent risk assessments.
Who watches the penetration-testing testers? Questions are circulating over how some organizations train their employees for the CREST pen-testing certification after some leaked internal documents appeared to contain material from past tests.
Data is the lifeblood of modern organizations - and modern security operations. Today's SecOps teams must be more data-driven, leveraging automation, machine learning and other tools to quickly identify threats and reduce response times, while freeing up critical engineering and analyst resources. Splunk CISO Yassir...
2020 has brought seismic change to all sectors, and cybersecurity leaders have been in the driver's seat in helping their enterprises adapt. Join this exclusive panel for unique insight into:
How to respond when your business faces historic transformation;
Challenges posed by new threats, endpoint security...
The 2020 Vulnerability and Threat Trends Report Mid-Year Update
shows how criminals have taken advantage of the disruption caused
by the pandemic. While organizations were vulnerable and distracted,
hackers developed new ransomware samples and advanced existing
tools to attack critical infrastructure - including...
Paul Connelly has been CSO at HCA Healthcare for more than 18 years. But no year has been more trying than this one. What has he learned from the COVID-19 experience and the challenge of accelerating digital transformation amid a pandemic?