Image: Shutterstock

Skyrocketing Cyber Insurance Premium Growth May Slow

Akshaya Asokan • January 31, 2023

Premiums for cyber insurance have climbed sharply along with global rates of ransomware. But signs of increased competition and capital inflows suggest the cyber insurance market may be softening, Marsh executive Sara Stephens told a U.K. parliamentary committee.

Business Email Compromise (BEC)

Reported Data Breaches in US Reach Near-Record Highs

Latest

Endpoint Security

Trellix CEO on Unifying Endpoint, SecOps and Data Protection

Michael Novinson • January 31, 2023

Trellix will debut a console that offers endpoint, security operations and data protection capabilities and a plug-in for network detection and response. The company has moved FireEye's best-in-class detection engines to the cloud for NDR and examined how to address areas such as packet capture.

Governance & Risk Management

Juniper Exec Samantha Madrid on Pursuing Single-Vendor SASE

Michael Novinson • January 31, 2023

Juniper Networks has debuted security service edge capabilities that help clients consistently apply zero trust policies in the cloud regardless of the user or device. Juniper takes the policies customers already use within their network and converts them to cloud-delivered policies with one click.

Application Security

Snyk CEO Peter McKay on Making Defense Easier for Developers

Michael Novinson • January 31, 2023

The nearly $200 million it raised in December will allow Snyk to consolidate the developer security market through organic investment and M&A, says CEO Peter McKay. Snyk has focused on bringing open-source security, container security, infrastructure- as-code security and cloud security together.

Breach Notification

ITRC Breach Report: Lack of Transparency, Details Worsen

Anna Delaney • January 31, 2023

The Identity Theft Resource Center's 2022 Annual Data Breach Report reveals a near-record number of compromises - the second-highest number in 17 years. ITRC COO James Lee worries that a sudden lack of transparency in breach notices is creating more risk for consumers.

Customer Identity & Access Management (CIAM)

Founder Sachin Nayyar Back as CEO of Identity Vendor Saviynt

Michael Novinson • January 31, 2023

Saviynt has brought founder and longtime leader Sachin Nayyar back as its chief executive to govern access around privileged, machine and third-party identities. Saviynt wants Nayyar to implement a strategy that incorporates everything from critical apps and cloud workloads to IoT devices and bots.

Critical Infrastructure Security

Russian Sandworm APT Adds New Wiper to Its Arsenal

Mihir Bagwe • January 31, 2023

Security researchers say they found the Russian intelligence-linked Sandworm threat actor deploying a novel disk wiper against an energy sector company located in Ukraine. Data wipers have played a key role in Russia's hacking campaign against Ukraine.

Will Hive Stay Kaput After FBI Busts Infrastructure?

Mathew J. Schwartz • January 31, 2023

What's not to love about an international law enforcement operation visiting disruption on Hive, the ransomware-wielding crime syndicate? But with no suspects in jail, it's unclear how long this takedown might stick before the bad guys reboot or rebrand.

Governance & Risk Management

Tenable's $25M Venture Capital Fund Seeks Early-Stage Firms

Michael Novinson • January 30, 2023

Tenable has debuted a $25 million corporate investment program to support prevention-focused startups focused on technologies such as cloud, OT and identity. The Baltimore-area exposure management vendor says Tenable Ventures plans to scour Israel and the United States for startups.

Governance & Risk Management

Are We Doomed? Not If We Focus on Cyber Resilience

Steve King • January 30, 2023

In this episode of "Cybersecurity Unplugged," Patricia Muoio, a partner at SineWave Ventures, discusses the need for cyber resilience as security leaders face the inevitable stream of cybercrimes, how to achieve it through a zero trust approach, and how CISOs and the government can help.

Blockchain & Cryptocurrency

Coinbase Fined 3.3 Million Euros by Dutch Central Bank

Rashmi Ramesh • January 27, 2023

The Dutch central bank fined Coinbase 3.3 million euros, saying the U.S. cryptocurrency exchange failed to comply with the national anti-money laundering statute. Since May 2020, Dutch law has required crypto companies operating in the Netherlands to register as money transmitters.

Fraud Management & Cybercrime

ISMG Editors: Why Are Ransomware Profits Dipping?

Anna Delaney • January 27, 2023

In the latest weekly update, four ISMG editors discuss why it pays off to have well-practiced incident response plans, whether ChatGPT is a blessing or a curse for penetration testers and bug bounty hunters, and how Microsoft has reason to be cheerful as security sales hit $20 billion.

Fraud Management & Cybercrime

Targets of Opportunity: How Ransomware Groups Find Victims

Mathew J. Schwartz • January 27, 2023

As ransomware continues to pummel numerous sectors, and lately especially the manufacturing industry, how does any given organization end up becoming a target or victim? Cybercrime watchers say the answer involves initial access brokers, botnets, targets of opportunity and, above all, profit.