The ongoing COVID-19 pandemic continues to fuel new opportunities for cybercriminals, malicious insiders and other adversaries who are posing new security threats to the privacy of patient health data, says attorney Erik Weinick of law firm Otterbourg P.C.
Accenture analyzed the top 20 most active ransomware leak sites to see how threat actors are posting sensitive corporate information and making the data easy to search and exploit. Accenture's Robert Boyce explains how cybercriminals are weaponizing stolen ransomware data for follow-up attacks.
Domain name registrars track domain name owners via "whois" data, which is a crucial tool for investigators combating cybercrime. But Kroll's Alan Brill says that since the EU General Data Protection Regulation went into effect, many registrars no longer publicly share such information, and that's a problem.
The Identity Theft Resource Center's new report shows a 1,044% increase in social media account hijacking. Banking fraud is also rising, with scammers focusing on using stolen personal data to open new banking and credit card accounts in victims' names, says COO James Lee.
Four ISMG editors discuss how security leaders determine the right level of security for the business, the growing risk of business ID theft to enterprises, and the arrest of a developer suspected of working for cryptocurrency mixing service Tornado Cash, for "facilitating money laundering."
A crowded field of 51 threat groups in the Russia-Ukraine cyberwar has attacked 29 nations - with attacks in Ukraine aimed at "sowing chaos and confusion" on and off the battlefield. This special report covers the tactics, techniques and motivations of threat actors and fallout for other nations.
How do you know whether your organization has invested enough money and time in security? As director of information security for Canon EMEA, Quentyn Taylor is often asked this question. "I'll be honest with you - just to set some expectations here, I don't have the correct answer," he admits.
Research by Dun & Bradstreet says business identity fraud jumped 254% in 2020. Tools can help prevent this fraud but may create greater friction, say Andrew La Marca, senior director at Dun & Bradstreet, and Ralph Gagliardi, agent in charge, High Tech Crimes Unit, Colorado Bureau of Investigation.
ENISA’s new "Threat Landscape for Ransomware Attacks" report analyzes 623 ransomware incidents in the EU, U.K. and U.S. from 2021 to 2022. ENISA cybersecurity officer Ifigeneia Lella shares how attacks have evolved and how 95% of reported incidents lack key data about how the breaches occurred.
A well-managed multi-cloud strategy "is a sensible approach" because it allows organizations to move different workloads between providers, but it gets a "bit more complicated when you start thinking about workload portability," says Lee Newcombe, security director, Capgemini U.K.
In the latest weekly update, four ISMG editors discuss the breach of customer engagement platform Twilio, a cyberattack on the U.K.'s NHS that has reignited concerns about supply chain security in the healthcare sector, and the U.S. Treasury clamping down on shady cryptocurrency mixers.
Enterprises spend a lot of time on what zero trust is, but too little time on design thinking - and why cybersecurity solutions need that element baked in from the start. Brian Barnier and Prachee Kale of ThinkDesignCyber and CyberTheory Institute give an overview of their zero trust strategy.
Cyber insurance can defray costs associated with data breaches and ransomware attacks. But Kelly Butler of the advisory firm Marsh & McLennan Companies says insurers are tightening their requirements for policies due to rising costs associated with increasingly severe incidents.
Response to supply chain attacks has evolved thanks to increased awareness and education, but more work needs to be done to understand how challenges can be addressed more systematically, says Sean Duca, vice president and regional chief security officer, Asia-Pacific and Japan, Palo Alto Networks.
As CISO of West, a Williston Financial Group company, Bruce Phillips recognizes that cybersecurity is not the enterprise's core business. But what, then, is the right level of cybersecurity to bring to a nonsecurity business? He discusses this and other leadership challenges.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.
