According to some researchers, up to 61 percent of recent data breaches were a result of a third-party vulnerability. Matan Or-El, CEO of Panorays, discusses the weakest links of supply chain security and how to strengthen them with automated tools.
Facebook's data deals continue to be probed. A criminal investigation of Facebook by federal prosecutors in New York has resulted in records being subpoenaed "from at least two prominent makers of smartphones and other devices," the New York Times reports.
A closely held type of point-of-sale malware, DMSniff, is spreading further while another, GlitchPOS, has also emerged. Despite a surfeit of stolen payment card details on the black market, efforts to steal more continue, highlighting the continuing challenges around card security.
As organizations take on more ambitious digital transformation initiatives, their digital risk grows to new levels that require heightened management. RSA President Rohit Ghai explains the need for digital risk management.
Emily Heath is two years into her tenure as CISO at United Airlines. One of her key initiatives is to grow the company's security organization in a manner that emphasizes diversity, inclusion and skills.
Today's workforce is increasingly working remotely and relying on a variety of devices and cloud services to accomplish their jobs. Organizations must support but also secure this push, or they risk driving employees to adopt shadow IT, warns Jon Oberheide of Duo Security.
Patch or perish, March edition: Microsoft releases fixes for 65 new vulnerabilities, including two that are being exploited in the wild. Also, Adobe issues updates for Photoshop and Digital Editions following a critical fix for a ColdFusion flaw that was being exploited in the wild.
As security and business leaders find a new common language in the discussion of business risk, enterprises need to revisit how they assess, measure and communicate cyber risk, says Kevin Flynn of Tenable.
To enable digital transformation, security practitioners need to shift away from a traditional network-based security focus and instead develop a security policy that meets users' business requirements, says Scott Robertson, vice president, Asia Pacific and Japan, at Zscaler.
If you had to guess what day of the week a hacker will hit your organization, the answer might seem obvious: Hackers prefer to strike on Saturday. And a review by Redscan of cybersecurity incidents reported to Britain's privacy regulator before GDPR took effect confirms it.
Officials in Jackson County, Georgia, along with the FBI are investigating a ransomware attack that crippled IT systems over a two-week period and reportedly led local officials to pay a bitcoin ransom worth $400,000 to restore systems and infrastructure.
Too many organizations continue to approach security with a "perimeter defense" mindset despite enterprise networks long having moved past on-premises data centers to myriad cloud services, says Ajay Arora of Vera Security.