How CISOs Are Tackling Challenges Related to COVID-19 Crisis

Geetha Nandikotkur • April 3, 2020

As CISOs in India scramble to deal with challenges related to the COVID-19 crisis, they're discovering effective strategies. For example, they're adopting the "zero trust" model for the remote workforce and devising ways to deal with the security issues raised by "shadow IT" and "free software."

►

Business Continuity Management / Disaster Recovery

Russia's Cybercrime Rule Reminder: Never Hack Russians

Latest

Anti-Phishing, DMARC

Analysis: The Path Back to Business as Usual After COVID-19

Nick Holland • April 3, 2020

The latest edition of the ISMG Security Report offers an analysis of the phases businesses will go through in the recovery from the COVID-19 pandemic, plus an assessment of new risks resulting from the work-at-home shift and lessons learned from the Equifax breach.

Governance & Risk Management

Zoom Rushes Patches for Zero-Day Vulnerabilities

Apurva Venkat • April 2, 2020

The day after security researcher Patrick Wardle disclosed two zero-day vulnerabilities in the macOS client version of Zoom's teleconferencing platform, the company on Thursday rushed out patches for these flaws and one other.

Business Continuity Management / Disaster Recovery

COVID-19 Response: The Re-Evaluation Phase

Tom Field • April 1, 2020

As April begins, enterprises are starting to re-evaluate their COVID-19 response plans, says crisis management expert Regina Phelps. What are the other pandemic response planning phases we can expect to see as infections spread and quarantines continue?

Identity & Access Management

A CISO Conversation: Managing the Remote Workforce

Tom Field • April 1, 2020

As CISO of SoftBank Investment Advisers, Gary Hayslip is dealing with a familiar crisis management challenge: Supporting a remote workforce, with extra emphasis on secure identities. But he's also keeping a close eye on his team and the risks of burnout.

Fraud Management & Cybercrime

Zoom Contacts Feature Leaks Email Addresses, Photos

Jeremy Kirk • April 1, 2020

Popular teleconferencing software Zoom is continuing to fall under scrutiny as questions are raised over its privacy and security practices. The latest issue: a feature that inadvertently reveals strangers' email addresses and profile photos.

Business Email Compromise (BEC)

Nigerian BEC Scammers Increase Proficiency: Report

Akshaya Asokan • April 1, 2020

Nigerian cybercriminal gangs have become even more proficient in waging business email compromise attacks, according to an analysis from Palo Alto Network's Unit 42 that describes recent trends.

Breach Notification

Marriott Suffers Another Massive Data Breach

Scott Ferguson • March 31, 2020

Hotel giant Marriott, which in 2018 disclosed that it had suffered one of the worst data breaches in history, is now warning that it suffered a new breach earlier this year that exposed personal details - although not payment card information - for 5.2 million customers.

Cybercrime

Phishing Campaigns Leverage Latest COVID-19 Themes

Scott Ferguson , Apurva Venkat • March 31, 2020

With the U.S. and other nations adopting economic stimulus packages as a result of the global COVID-19 pandemic, fraudsters are now using the promise of government checks as phishing lures to spread banking Trojans, according to a pair of new security research reports.

Cloud Security

Why Continuous Monitoring of Critical Data Is So Essential

Geetha Nandikotkur • March 31, 2020

To ensure business continuity, manufacturers in India that now have a 100 percent remote workforce because of the COVID-19 pandemic must be vigilant about ensuring critical data is protected through continuous monitoring, says Ravikiran S. Avvaru of the manufacturing group Apollo Tyres Ltd.

Cybercrime

FBI: Cybercrime Gang Mailing 'BadUSB' Devices to Targets

Mathew J. Schwartz • March 30, 2020

The FBI warns that the notorious FIN7 cybercrime gang has a new trick up its sleeve: Mailing victims a $50 gift card portrayed as good for redeeming items listed on an accompanying USB storage device, which in reality downloads Griffon backdoor software to give attackers remote access.

Business Continuity Management / Disaster Recovery

COVID-19 and the Human Side of Cybersecurity Leadership

Tom Field • March 30, 2020

When securing the remote workforce, it's important to be mindful of the human challenges - educating children, caring for elders and dealing with the barrage of COVID-19 news, says Microsoft's Diana Kelley, who shares insights on balancing cybersecurity and compassion.

Audit

Zoom Stops Transferring Data by Default to Facebook

Jeremy Kirk • March 30, 2020

Zoom has apologized for sharing large sets of user data by default with Facebook, blaming the social network's software development kit, which it has removed from its iOS app. With COVID-19 driving unprecedented levels of remote working, video conferencing software is under the privacy and security microscope.