Making the Leap: The Risks and Benefits of Passwordless Authentication
The password isn’t going anywhere. Passwordless authentication is gaining momentum, though. It appears to be winning the battle of how companies are choosing to log in. Like it or not, the security industry must contend with both in the...
Does Follina Mean It’s Time to Abandon Microsoft Office?
As a freelance writer, I spend most of my day working in Microsoft Word. Then, I send drafts to clients and companies across the globe. So, news of the newly discovered Microsoft Office vulnerability made me concerned about the...
How IBM Secured the 2022 US Open
Throughout the US Open Tennis Championship, the infrastructure for USOpen.org and the mobile apps can see upwards of 3 million security events. While the vast majority of events are not serious, security analysts must quickly determine which are concerning...
Companies Without Zero Trust Could Lose $1M More During a Data Breach
In recent years, the mindset for cybersecurity has shifted. It isn’t a matter of if a company has a breach, but rather when a company has a breach. With the increase in cybersecurity incidents, most if not all companies will...
Getting Lost in an Encryption Maze? Try a Key Management System
Encryption is an essential part of any data security strategy. A key management system (KMS) can make encryption easier by enabling you to transform data to indecipherable cyphertext and control who can access it in clear text. That helps...
3 Reasons Why Technology Integration Matters
As John Donne once wrote, “No man is an island entire of itself.” With digitalization bridging any distance, the same logic could be applied to tech.
Threat actors have vast underground forums for sharing their intelligence, while security professionals remain...
Modern Data Security Needs a Modern Solution
The role of a data security analyst isn’t an easy one. It has always been hard to address data security because of the volume, speed and variety of data in the IT landscape. However, over the last few years,...
A Response Guide for New NSA and CISA Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) recently published a report highlighting a range of critical security vulnerabilities requiring attention from organizations of all types. The report was published with input from the National Security Agency (NSA) and similar...
What Kind of Data Costs Most in a Breach?
Today’s most valuable currency is data. Breaches, information operations, analytics and behavior recognition are all driven by data and the desire to possess it, regardless of what those who possess it want to do with it. We set out...
Old Habits Die Hard: New Report Finds Businesses Still Introducing Security Risk into Cloud Environments
While cloud computing and its many forms (private, public, hybrid cloud or multi-cloud environments) have become ubiquitous with innovation and growth over the past decade, cybercriminals have closely watched the migration and introduced innovations of their own to exploit...
We’re Entering the Age of Unethical Voice Tech
In 2019, Google released a synthetic speech database with a very specific goal: stopping audio deepfakes.
“Malicious actors may synthesize speech to try to fool voice authentication systems,” the Google News Initiative blog reported at the time. “Perhaps equally concerning,...
Survey Connects Cybersecurity Skills Gap to Increase in Breaches
The skills gap in cybersecurity isn’t a new concern. But, new research revealed in Fortinet’s 2022 Cybersecurity Skills Gap report confirmed what many experts have assumed. The skills gap increased risk and was likely the direct cause of at...
Chasing the Cyber 1%: How to Beat the Cybersecurity Poverty Line
In cybersecurity, there are the haves and have-nots. For the latter, improving their security posture to defend against threats is rarely straightforward. While attackers become more high-tech, the gap between ‘the cyber 1%’ and those companies below the ‘cybersecurity...
The Cost of a Data Breach for Government Agencies
What happens when attackers breach local government, police departments or public health services? What would happen if attackers compromised the U.S. Treasury’s network? These types of incidents happen every month and lead to service interruptions at the very least....
CISA Certification: What You Need to Know
The globally-recognized Certified Information Systems Auditor (CISA) certification shows knowledge of IT and auditing, security, governance, control and assurance to assess potential threats. As you can imagine, it’s very much in demand. It can also be confusing.
Is CISA Certification...
Ukraine fears ‘massive’ Russian cyberattacks on power, infrastructure
Will those be before or after the nuke strikes Putin keeps banging on about? Russia plans to conduct "massive cyberattacks" on Ukraine and its allies' critical infrastructure and energy sector, according to Kyiv.…
BrandPost: Extortion Economics: Ransomware’s New Business Model
Did you know that over 80% of ransomware attacks can be traced to common configuration errors in software and devices? This ease of access is one of many reasons why cybercriminals have become emboldened by the underground ransomware economy.And...
Police ‘all over’ dark web ransom threat to release 10,000 customer records a day, Optus CEO says
Purported hackers post ultimatum demanding $1m within four days after massive Optus data breachFollow our Australia news live blog for the latest updatesGet our free news app, morning email briefing or daily news podcastThe chief executive of Optus, Kelly...
Barracuda Unveils New Capabilities To Protect Against Persistent And Evolving Threats
Barracuda announced a number of product enhancements and innovative new capabilities at its recent Secured.22 virtual conference to expand the protection for customers and help them defend against the latest cyber threats.
Zoho ManageEngine flaw is actively exploited, CISA warns
A remote code execution vulnerability in Zoho's ManageEngine, a popular IT management solution for enterprises, is being exploited in the wild. The US Cybersecurity & Infrastructure Security Agency (CISA) added the flaw to its catalog of known exploited vulnerabilities...
