Boeing says that a malware outbreak affected a small number of systems but did not disrupt production. An executive has reportedly identified the malware as being WannaCry ransomware and called for "all hands on deck" to respond to the incident.
We all know that our organization's data may exist on the dark web. Much like a dollar bill of any demonetization looks and feels basically the same, a $1 bill is not worth the same as a $50 or a $100, your organization's potential risk equates to how much your exposed data is worth.
So, how do organizations...
A new strain of the Petya ransomware called "Bad Rabbit" is impacting business and sweeping across Russia and Ukraine, among other Eastern European countries. Like many of the other ransomware outbreaks, understanding fact from fiction is the first step in staying safe.
There is no doubt that every organization now requires advanced malware protection. Even so, there are plenty of organizations that have either not yet implemented this protection, or have it only somewhat implemented. Do these organizations recklessly believe they won't be targeted? Do they think their investment in...
For public sector technology leaders evaluating technologies to combat malware attacks, this report offers important considerations for deploying cloud-based security.
Ransomware and other data security threats are a serious concern for any organization, but the stakes are higher and the risks are greater for...
As of Q1 2018, the global cybersecurity community finds themselves inundated with both internal and external advanced threat actors who are stealthier, more resilient and sadly, more effective than they have ever been before. Many organizations are coming to terms with deciding whether their security posture is...
The dark web is often discussed vaguely or inaccurately, but is a key enabler of the fraud economy, as a streamlined source of trade in payment card and personal data. On the dark web, cyber criminals have developed a "supply chain" of fraud: professionalizing the process, operating enterprises at scale, and passing...
Q2 2018 Guide
Your approach to vulnerability management may be putting your organization at greater risk. Just dealing with vulnerabilities that a vendor said were "critical" isn't enough and may still leave you susceptible to an attack.
Threat-centric vulnerability management (TCVM) offers an innovative and smarter...
Adoption of the new General Data Protection Regulation (GDPR) is motivating organizations worldwide to improve existing technical controls for securing personal information. Organizations should be especially aware that the GDPR and other recent legal developments amplify the negative repercussions of a data security...
Vulnerability scanning, or the process of identifying a list of known security gaps in the network environment, is the focal point for most enterprise vulnerability management programs. The use of vulnerability scanners as security assessment tools is nearly ubiquitous in large organizations. However, as network...
After two years of development in stealth mode, the Sheltered Harbor effort to get U.S. financial institutions to use a standard approach to account data backup is shifting into high gear, says Trey Maust, the new CEO of the initiative, which is backed by FS-ISAC.
Apple and Cisco say they've partnered with insurers Aon and Allianz to offer cyber insurance policies for organizations that meet best security practices and use products from the technology companies. The partnership follows increasing interest in cyber insurance as a hedge against hacking risks.
Learn from our peers' struggles in 2017 to plan your 2018 security transformation
Today's most advanced threat actors - whether external or internal - are stealthier than ever and able to hide within one's systems for days, weeks or even months as they gather intel and prepare to strike. Sixty-one percent of...
A recently published 2017 survey of over 400 security professionals in the U.S., U.K. and Germany measured how well their organizations implemented security controls for SSH keys. The results show that most organizations are underprepared to protect against SSH-based attacks, with fewer than half following industry...
It's frightening what criminals can buy on the dark web, but it's even scarier that they may be buying your own security certificates to use against you. Venafi recently sponsored a six-month investigation into the sale of digital code signing certificates on the dark web. Conducted with the Cyber Security Research...
