Latest

Audit

Zoom Stops Transferring Data by Default to Facebook

Jeremy Kirk  •  March 30, 2020

Zoom has apologized for sharing large sets of user data by default with Facebook, blaming the social network's software development kit, which it has removed from its iOS app. With COVID-19 driving unprecedented levels of remote working, video conferencing software is under the privacy and security microscope.

►

Business Continuity Management / Disaster Recovery

Covid19: Remote Workforce Security Strategies

Suparna Goswami  •  March 27, 2020

In an in-depth interview, two cybersecurity experts at Akamai Technologies India discuss ensuring security for at-home workers during the COVID-19 crisis and offer business continuity insights.

Electronic Healthcare Records

Coalition Formed to Address COVID-19 Crisis

Marianne Kolbasuk McGee  •  March 27, 2020

More than two dozen healthcare organizations and technology firms have formed a coalition to help address the COVID-19 crisis by using secure information sharing and data analysis. But observers warn the group must devote enough attention to privacy and security issues.

Business Continuity Management / Disaster Recovery

Analysis: Russia's COVID-19 Disinformation Campaign

Nick Holland  •  March 27, 2020

The latest edition of the ISMG Security Report analyzes how and why Russia is spreading disinformation about the COVID-19 pandemic. Plus: the latest CCPA regulation updates; a CISO's tips on securely managing a remote workforce.

Cybercrime

Chinese Cyber Espionage Continues Despite COVID-19

Akshaya Asokan  •  March 26, 2020

Despite the global COVID-19 pandemic, which started in China, Chinese cyber espionage campaigns are continuing, with a new campaign from one APT group targeting at least 75 enterprises in 20 countries, according to the security firm FireEye.

Governance & Risk Management

Microsoft to Pause Non-Essential Software Updates

Mathew J. Schwartz  •  March 26, 2020

Microsoft has announced that it will pause all non-essential updates for Windows, while both Google and Microsoft have said their Chrome and Edge browsers will, for now, receive only stability and security updates. The moves come as IT teams are continuing to respond to the ongoing fallout of the COVID-19 pandemic.

Cybercrime

Newly Discovered APT Group Targets Middle East Firms: Report

Apurva Venkat  •  March 26, 2020

A newly discovered advanced persistent threat group is targeting industrial firms in the Middle East with a new type of backdoor Trojan, according to the security firm Kaspersky.

►

Cloud Security

Establishing 'Zero Trust' Security in the Cloud

Varun Haran  •  March 26, 2020

At a time when individuals are accessing information in the cloud from anywhere, it's important to establish trust with the user, says Brijesh Miglani of Forcepoint.

►

Governance & Risk Management

Moving From Cyber Secure to Cyber Immune

Varun Haran  •  March 26, 2020

Although most companies acknowledge the importance of securing their perimeters and endpoints, many are still reactive in their approach to security, says Dipesh Kaura of Kaspersky, who advocates a "security by design" approach.

►

Application Security

Application Security: Essential Steps

Varun Haran  •  March 26, 2020

Organizations need to go far beyond addressing the OWASP Top 10 security risks to make an application truly secure, says Rajesh Jain of Cloudflare.

►

DevSecOps

Getting Ready for DevSecOps

Varun Haran  •  March 26, 2020

Developers need to be the primary stakeholdersof any DevSecOps process, says Nitin Kumar Dang of Checkmarx, who offers strategic insights.

Endpoint Security

The Best of RSA Conference 2020

Information Security Media Group  •  March 25, 2020

At RSA Conference 2020 in San Francisco, Information Security Media Group's editorial team conducted more than 130 video interviews with industry thought leaders. Here are the highlights.