The US National Security Agency has issued its zero trust guidance aimed at securing critical networks and sensitive data within key federal agencies. The NSA adds it is also assisting Defense Department customers with the zero trust implementations.
The cybersecurity agencies of five countries have issued a joint advisory warning that hackers are exploiting vulnerabilities in the Accellion File Transfer Appliance to steal data and execute ransomware. Australia's Transport for New South Wales and Canada's Bombardier are the latest victims to be revealed.
Organizations are experiencing highly targeted and complex attacks that traditional security solutions miss. Exposures have increased as organizations move to the shared security models of AWS and Azure. The volume of native alerts and detections is on the rise, and organizations need to focus on the right information...
A company's Wi-Fi network is an ever-present target for attackers, and the range of risks, particularly in an era of pervasive IoT, continues to grow. Tracie Thompson of HackHunter says rogue access can be difficult to locate and remove.
This edition of the ISMG Security Report features an analysis of the impact of a hacking campaign linked to Russia’s Sandworm that targeted companies using Centreon IT monitoring software. Also featured: a discussion of CIAM trends; a critique of Bloomberg's update on alleged Supermicro supply chain hack.
The Biden administration is reviewing former President Donald Trump's policies addressing potential national security and cybersecurity concerns about Chinese-owned companies as it develops new plans for dealing with a wide range of issues tied to China.
Bloomberg has stood firm on its controversial story from two years ago asserting that China implanted a tiny chip on motherboards made by Supermicro. But rather than proving its contention in a follow-up, it may have inflicted more reputational damage upon itself.
CIOs and CISOs have now been charged with
addressing the cybersecurity risks of OT and IoT,
as well as Enterprise IT, environments. Because of
this, they are now looking to establish a holistic
route to cybersecurity management across the
broader technology stack.
Download this whitepaper to learn about what...
EDR, NDR, XDR – we keep rebranding defense, but it all still comes down to detection and response, says Erin Sweeney of ReliaQuest. She discusses the latest evolution and how enterprises are deploying it.
Following the hacking of a Florida water treatment plant, CISA is warning the operators of other plants to be on the lookout for hackers who exploit remote access software and outdated operating systems - and to take risk mitigation steps. The advice applies to other organizations as well, some security experts say.
The latest edition of the ISMG Security Report features an analysis of the critical security issues raised by the hacking of a Florida city water treatment plant. Also featured: The CISO of the World Health Organization discusses supply chain security; hackers steal celebrities' cryptocurrency.
Legacy endpoint Data Loss Prevention solutions fall short in a number areas, including their invasiveness, resource intensity and heavy maintenance requirements due to false positives and need for constant tuning. In fact, a number of organizations have given up on their DLP solutions because it’s just too hard to...
The Florida city that experienced a breach of its water treatment system used now-unsupported Windows 7 machines, shared the same password for remote access and had no firewall. The incident is likely to raise questions about the vulnerability of critical infrastructure in small towns on slim IT security budgets.
In this webinar, Nick Hogg, Director of Technical Training at Clearswift talks through the data risk challenges with Office 365 and looks at ways you can further protect your critical data and secure your installation from cyber threats.