Supply chain risk must be part of an enterprisewide risk management program framework, says information security manager Matt Marciniak of financial service firm Quantile. Reducing risk requires an agile approach to supplier management, he says.
In today’s dynamic environment, with the proliferation of a wide array of different security products and the high chance for misconfigurations, testing security is more imperative than ever, says Scott Register, vice president of security solutions at Keysight.
“The only way to see if all these products have...
Its all-hands-on-deck when a massive vulnerability such as Log4Shell arises, or a vendor announces a newly discovered breach. When headline events happen, security teams must act quickly to determine whether or not their environment has been impacted, then respond appropriately.
Responding to major new cyber events...
In today's dynamic environment, with the proliferation of a wide array of different security products and the high chance for misconfigurations, testing security is more imperative than ever, says Scott Register, vice president of security solutions at Keysight.
Attention to anyone who manages a Microsoft Windows environment: Security researchers are tracking a zero-day vulnerability in Microsoft Office that's being actively exploited by attackers to run malicious code on a vulnerable system.
The U.S. Department of Justice has revised its policy on who it charges with violations under the Computer Fraud and Abuse Act. The DOJ now specifies that good-faith security research and researchers cannot be charged under the CFAA because they help improve cybersecurity standards.
An emergency directive from the U.S. Cybersecurity and Infrastructure Security Agency advises all federal agencies in the country to immediately patch and address two vulnerabilities - one with a critical CVSS score and the other with a high score - that affect at least five VMware products.
Across industrial sectors, limited asset visibility, reliance on manual processes and siloed data are three common factors that make it hard to effectively protect OT operations and streamline IT and OT vulnerability management & response.
In this live webinar, you'll get guidance from subject matter experts on...
The Five Eyes intelligence alliance has released a set of the 15 most routinely exploited vulnerabilities in the past year. Nine of the 15 vulnerabilities allow remote code execution, and the rest include privilege escalation, security bypass and path traversal, among other flaws.
As a security leader, you know that the way to align your vulnerability management program to support the business is to mitigate the vulnerabilities that have the biggest business impact. But that’s easier said than done. How do you discover and rate each vulnerability? How do you remediate them without disrupting...
Industrial organizations dealt with significant challenges in 2021. Cyberattacks on the Oldsmar, Florida water facility, Colonial Pipeline, and JBS, as well as the SolarWinds supply chain attack, propelled industrial cybersecurity to the national and global stage. Millions of people have woken up to the staggering...
When it comes to the need for strong industrial cybersecurity, many enterprises received a major wake-up call when NotPetya—widely regarded as the one of the costliest and most destructive cyber attacks in history—caused billions of dollars in damages and affected IT and OT environments alike. The importance of...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.
