Profiles in Leadership: Gagandeep Singh

Suparna Goswami • August 9, 2022

Having been part of different industries has helped Gagandeep Singh, who is the CISO at IHH Healthcare Berhad, learn the various aspects of cybersecurity. He discusses how being a vendor and being a customer have helped him in his role as a CISO and what his work now entails.

Anti-Money Laundering (AML)

OCC's Hsu Urges Multifactor Authentication

Latest

Next-Generation Technologies & Secure Development

Sophos' Kris Hagerman on Powering Cybersecurity as a Service

Michael Novinson • August 9, 2022

The rise of ransomware brokers and the continued talent shortage mean defenders increasingly need security technology managed on their behalf, Sophos' Kris Hagerman says. Customers must manage all their security products from a single platform and analyze the data these tools generate, he says.

Governance & Risk Management

OneTrust's Blake Brannon on Unifying Privacy and Governance

Michael Novinson • August 9, 2022

OneTrust has put nearly $1 billion in investment to good use, helping companies address data governance, security assurance, third-party risk and more, Chief Strategy Officer Blake Brannon says. OneTrust has taken on challenges such as monitoring the ethical use of data and verifying compliance.

Cybercrime as-a-service

Ransomware Leak Sites Attract More Attacks

Prajeet Nair • August 9, 2022

Cybercriminals monitor leak sites for newly listed ransomware victims in a bid to try their own hand at dropping encryption malware, says Sophos. The cybersecurity firm says it's seen an uptick in incidents involving multiple criminal gangs demanding a ransom for unencrypted victims' files.

Critical Infrastructure Security

Russia-Ukraine War: Over 300 Cyber Operations Seen So Far

Mathew J. Schwartz • August 9, 2022

The ongoing Russia-Ukraine war has featured cyber operations being used to target Ukraine as well as Russia. But CyberPeace Institute, which tracks cyberattacks tied to the conflict, has so far seen 27 different countries being affected by more than 300 attacks, and many have affected civilians.

Analytics

John Watters on Why Google and Mandiant Are Better Together

Michael Novinson • August 8, 2022

Combining the data analytics of Google Chronicle with Mandiant's ability to identify signals of abnormal behavior is an unbeatable combination, says Mandiant President and COO John Watters. Google agreed in March to purchase threat intelligence and incident response titan Mandiant for $5.4 billion.

Governance & Risk Management

Hatem Naguib on Charting Barracuda's New Course Under KKR

Michael Novinson • August 8, 2022

President and CEO Hatem Naguib expects Barracuda Networks to pursue more midmarket growth opportunities in both North America and internationally under private equity firm KKR's tutelage. The company will move from Thoma Bravo to KKR's control for a reported $4 billion in a deal announced in April.

Fraud Management & Cybercrime

Beyond Security: Forrester's Bot Management Q2 Trends

Anna Delaney • August 8, 2022

Sandy Carielli, principal analyst at Forrester, shares research on the latest bot management trends. Forrester found that while bots affect security, e-commerce, marketing, fraud and other teams, security professionals are still the most common bot management users.

Network Detection & Response

James Foster on Taking ZeroFox Public in Hard Economic Times

Michael Novinson • August 8, 2022

James Foster has been swimming against the current for months, taking ZeroFox public by merging with a special-purpose acquisition company despite the worsening economic conditions. The Nasdaq Stock Exchange listing makes ZeroFox the first cybersecurity company to go public in all of 2022.

Finance & Banking

How To Reduce Authorized Payment Fraud

Suparna Goswami • August 8, 2022

What makes authorized payment scams hard to detect? The speed and volume of transactions hinders banks in monitoring for fraud, but David Lott, payments risk expert with the Federal Reserve Bank of Atlanta, says educating customers and leveraging the right technology can help reduce scams.

Anti-Phishing, DMARC

Twilio Customer Data Breached via SMS Phishing of Employees

Mathew J. Schwartz • August 8, 2022

Twilio, which runs a customer engagement platform used by thousands of businesses, says that its employees were tricked via SMS phishing messages into giving attackers their login credentials, resulting in the theft of information on customers, as well as their customers and end users.

Fraud Management & Cybercrime

Hunting the Bad Guys Behind Golden SAML Attacks

Steve King • August 8, 2022

In this episode of "Cybersecurity Unplugged," Yonatan Khanashvili describes in detail how Golden Security Assertion Markup Language attacks occur and how SOC platforms with much greater capacity to cross-correlate data than legacy SIEMs can help defenders detect and hunt for them.

Blockchain & Cryptocurrency

US Gets Russian Accused of Crypto Laundering Extradited

Prajeet Nair • August 5, 2022

Accused cryptocurrency money launderer Alexander Vinnik made his first appearance in U.S. federal court today. The Russian national faces 55 years imprisonment for his alleged involvement in laundering hacking proceeds through Bitcoin on the BTC-e cryptocurrency exchange.