California voters passed Proposition 24, the California Privacy Rights Act, on Nov. 3, which expands upon the recently activated California Consumer Privacy Act specifically when it comes to enforcement and how businesses handle personal data.
Attackers have been actively exploiting a flaw in Rackspace's hosted email service to send phishing emails, bearing legitimate and validated domain names, as part of business email compromise scams, warns IT security testing consultancy 7 Elements. Rackspace tells customers it plans to fix the problem soon.
Brian Brackenborough, CISO, Channel 4, the British television network, and Nick Nagle, CISO, Security Critical, a U.K.-based consultancy company, discuss the lessons learned in 2020 and how they might impact the year ahead, agreeing that 2021 provides an "opportunity for a re-set."
Despite the soaring list of customers reporting data breaches tied to the May ransomware attack on Blackbaud - and numerous legal actions filed against the company - the fundraising software vendor recently told Wall Street that it expects cyber insurance to cover the bulk of its costs associated with the incident.
Dave Snyder of Independence Blue Cross in Philadelphia has been in security leadership long enough to know: It's not about whether you have a technology foundation or lean more toward leadership. It's about having both, and about being a security evangelist, too.
Newly updated Food and Drug Administration guidelines will help experts to more accurately score and communicate the criticality of security vulnerabilities identified in medical devices, says Elad Luz, head of security research at CyberMDX.
Validating identity across every digital channel is essential to track money movement information and help control P2P payment fraud, two fraud-fighting experts say.
COVID-19 infections are hitting new daily highs in the U.S., and some European countries are re-imposing restrictions. Plus, the flu season is just around the corner. "We're in a bad place," says pandemic expert Regina Phelps, who shares insights on pandemic trends and response.
Almost eight months after Microsoft warned of a critical vulnerability in Windows called SMBGhost, more than 100,000 unpatched devices remain vulnerable, according to security researchers. The COVID-19 pandemic and ensuing rush to move workers into home offices may have led to delays in applying the fix.
So far, much of the discussion about 5G security has focused on avoiding the use of technology from Chinese manufacturers, including Huawei and ZTE. But security experts are increasingly concerned that 5G network and device providers rushing products to market aren't devoting enough attention to security.
Amidst this new "perfect storm" of insider risk, enterprises face new challenges in detecting malicious and accidental activities. Tricia Hoyt, Director of Security Operations at ReliaQuest, offers insight on how to assess and reduce the risks.
The imperative for CISOs during the COVID-19 pandemic is to do more with less. While disruptive attacks - as well as privacy concerns - keep rising, budgets are down. As organizations rapidly adopt new technologies, however, EY's Kris Lovejoy says CISOs must seize the opportunity to streamline.
A new online platform called VulnerableThings.com is aiming to become the go-to place for reporting and viewing reports on software flaws in IoT devices. The IoT Security Foundation and Oxford Information Labs say the platform could help vendors comply with new IoT regulations and standards.
French IT services firm Sopra Steria is confirming that its internal infrastructure sustained a Ryuk ransomware attack that has disrupted its operations, with a full recovery expected to take weeks.
The latest edition of the ISMG Security Report analyzes the U.S. indictment against Russian hackers who were allegedly behind NotPetya. Also featured: A discussion of nation-state adversaries and how they operate; an update on Instagram privacy investigation.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.