OMB on Wednesday released a federal strategy to move the U.S. government toward mature zero trust architectures. White House officials say the new strategy - with a focus on MFA, asset inventories, traffic encryption, and more - is a key step in delivering on Biden's May 2021 executive order.
Endpoint detection and response software news: The entity formerly known as McAfee Enterprise and FireEye Products has a new name: Trellix. Think of a "security trellis to businesses across the globe, giving them support they need to keep them safe," says CEO Bryan Palma. Will customers and prospects buy in?
The findings from a penetration test can help you identify risks and gaps in your security controls. Charles Gillman offers tips to maximize the value of your next pen test and, in the process, deliver better results.
The latest edition of the ISMG Security Report features insight from U.S. Sen. Angus King on why the federal government needs to declare a clear response to cybercriminals in order to deter them. Also featured: Ransomware affiliates gain power and promoting diversity of thought in cybersecurity.
The world is experiencing a cybercrime pandemic, which is a direct consequence of COVID-19, according to Amit Basu, CISO and CIO at International Seaways. He offers proactive prevention measures, based on his own experience, for how organizations can stay safe and secure.
"There are so many basics we need to get right," says Daniel Dresner, professor of cyber security at Manchester University. In this interview, he discusses the cybersecurity practices that he recommends to make the task of securing small- to medium-sized enterprises less overwhelming.
The White House is preparing executive branch agencies to adopt "zero trust" network architectures by 2024, with CISA and the OMB overseeing the creation of technology road maps that departments must follow. This is a major component of President Biden's cybersecurity executive order.
Cryptocurrency exchange Coinbase faces potential user trust challenges after a system error led it to send out false automated security alerts to about 125,000 customers indicating their two-factor authentication settings had been changed.
Google has removed eight fake cryptomining apps from its Play Store, but researchers at security firm Trend Micro have flagged 120 other apps on users' phones purporting to also be cryptomining. Users paid for services the eight apps never delivered.
Despite these financial headwinds, new ways are emerging for FIs to differentiate on the quality of fraud prevention and outreach they can provide to customers.
Good news on the ransomware front: The average ransom paid by a victim dropped by 38% from Q1 to Q2, reaching $136,576, reports ransomware incident response firm Coveware. In addition, fewer victims are paying a ransom simply for a promise from attackers to delete stolen data.
A cybercrime forum seller advertised "a full dump of the popular DDoS-Guard online service" for sale, but the distributed denial-of-service defense provider, which has a history of defending notorious sites, has dismissed any claim it's been breached. What's the potential risk to its users?
Threat intelligence researchers are looking closely at REvil, the ransomware gang that infected up to 1,500 companies in a single swoop. A look at the group's online infrastructure shows clear lines to Russian and U.K. service providers that, in theory, could help law enforcement agencies but don't appear eager to...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.