As a retired Air Force general and the former federal CISO of the United States, Gregory Touhill is well-versed in critical infrastructure protection and resiliency. Now, as the new director of CMU SEI's CERT division, he has the opportunity to help foster new levels of education and collaboration.
As CISO of Johnson & Johnson, Marene Allison was used to gauging her security posture by the top threat activity: nation-state, cybercrime, insider or hacktivist. But in 2020, they all struck at once. Here is one CISO's take on the state of the industry.
Insider threats are one of the fastest growing categories of risk across organisations today. Companies have long been aware of the insider threat problem. But few are dedicating the resources or executive attention they need to actually reduce their risk. Others may be ready to make that commitment but just don’t...
Extended detection and response, or XDR, helps to detect threats and improve responses and is easier to manage than SIEM, according to experts from Verizon.
Remote work isn’t a trend, but a new way for businesses to operate. There’s no longer a defined parameter to operate. Instead, IT teams are coping with multiple devices, networks, locations and ways of enabling employees to access professional applications. Cybercriminals are capitalising on this opportunity.
In...
To help mitigate the risks of state-sponsored cyberattacks against India's critical infrastructure - and improve detection and response - requires industry collaboration and information sharing, root cause analysis with specialized forensics, and better testing of code, a panel of experts says.
The adoption of the Secure Access Service Edge, or SASE, model is being driven by numerous factors, including the need to bring down administrative costs and to effectively manage network security, according to a panel of experts who offer implementation advice.
A Kansas man faces federal charges for allegedly accessing the network of a local water treatment facility and tampering with the systems that control the cleaning and disinfecting procedures, according to the Justice Department. The charges follow a similar security incident at a Florida facility.
Four editors at Information Security Media Group review the latest cybersecurity issues, including Microsoft Exchange server hacks, insider threat management and implementing a "collective defense."
The latest edition of the ISMG Security Report features an analysis of recent “tell-all” interviews with members of ransomware gangs. Also featured: insights on securing IoT devices and mitigating insider threat risks.
Welcome to the Cyber-Espionage Report (CER), our first-ever data-driven publication on advanced cyberattacks. The CER is one of the
most comprehensive overviews of the Cyber-Espionage landscape, offering a deep dive into attackers, their motives, their methods and the
victims who they target. The report serves as a...
This paper clarifies the key components of the Zero Trust Architecture in terms that are familiar to security professionals. It defines the four pillars of the new standard: segmentation, access policy, trusted identity, and trusted endpoints, and explains how they can be implemented such that only trusted users on...
To help prevent and defend against emerging cyberthreats, CISOs must develop a multi-line defense strategy and invest in threat-hunting capabilities and orchestration, a panel of cybersecurity experts advises.
Insider threat programs can help significantly reduce the chance of system compromise or breach. This can help organizations save substantial amounts of money and avoid loss of brand reputation and customer trust.
Download this guide to learn how to build your insider threat program with tips like determining...
While an external attacker trying to gain access to the network might raise a number of flags, someone internally who steals information might not raise any suspicion at all. This leaves organizations vulnerable to insider threats.
Download this guide to learn about three tools and methods that can help you detect...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.