Every week, Information Security Media Group rounds up cybersecurity incidents and breaches around the world. In the days between April 21 and April 27, the spotlight was on the arrest of a Ukrainian trafficker in stolen data, a U.S. Navy shipbuilder and incidents in Canada, India and Kenya.
The midsize market encounters many cybersecurity hurdles, including the increasing volume of information that needs to be protected, the shift to hybrid cloud, and limited skilled personnel to build and implement security programs. What does the SOC look like for these organizations?
Changes to FedRAMP regulations will have a major impact on cloud services providers, compliance and cybersecurity controls, said Tony Bai, director, federal practice lead, at A-LIGN. Bai offers insight on navigating the U.S government authorization requirements as well as the StateRAMP program.
Developers want to move quickly and they want security to be "a natural part" in every step of the software development life cycle. Generative AI can play a pervasive role in helping cybersecurity keep up the pace, according to Brian Roche, chief product officer at Veracode.
Every organization has a role in securing the nation and economy. Enterprises should invest in the right controls, partner with public agencies and prioritize security at the board level, advised Eric Goldstein, executive assistant director for cybersecurity of CISA.
Venture capitalist Alberto Yépez says there are opportunities to innovate in this economy. The market is self-correcting, but the demand for cyber protection has increased with the rise in cyberattacks and increased regulations, making it a top priority in terms of technology budgets, he said.
Much of the friction between CISOs and their general counsels, according to Ron Raether, partner at Troutman Pepper, is the result of ignorance. General counsels don't understand the full extent of IT and information security and often pin the blame on the CISOs, who become the scapegoats.
Hackers are attempting to infect a consumer-grade Wi-Fi router model with Mirai botnet malware following the discovery of zero-days in the device in a December hacking competition. TP-Link released a patch in mid-March. Telemetry shows infections in Eastern Europe and elsewhere.
An obscure routing protocol codified during the 1990s has come roaring back to attention after researchers found a flaw that would allow attackers to initiate massive distributed denial-of-service attacks. Researchers from Bitsight and Curesec say they found a bug in Service Location Protocol.
Six individuals - including five former employees of a Tennessee healthcare organization - have pleaded guilty to criminal HIPAA violations in an alleged scheme involving the sale of motor vehicle accident patient information to third parties. One of the defendants has been sentenced so far.
Iranian hackers are deploying an updated backdoor apparently targeting Israeli academic researchers with an interest in Iraq. A group's newly dubbed "Educated Manticore" is sending Iraq-themed bait to coax deployment of an implant known as PowerLess.
OT attacks have doubled. Mark Cristiano, global commercial director of cybersecurity services at Rockwell Automation, discusses how organizations can develop a strategic approach to OT security that aligns with their risk profile, cyber maturity and ability to absorb change.
ISMG editors are live at RSA Conference 2023 in San Francisco with an overview of the latest speakers and hot topics, including the continuing conversation about generative AI and the decline and fall of blockchain. Join us for daily updates from San Francisco.
Cybersecurity is "a full-time task" that requires a lot of discipline, says Ajay Sabhlok, CIO and chief digital officer at Rubrik. He discusses tips for increasing your company's cyber maturity, ideas about how CIOs and CISOs can align, and advice on what not to do, such as pay a ransom.
An Indian court convicted 11 people for their roles in the North Korean heist of $13.5 million in 2018 from Pune-based Cosmos Cooperative Bank. The United Nations attributed the thefts to North Korea, which uses criminal activity, including financially motivated hacking, to obtain hard currency.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.