Indian hyperlocal logistics provider Grab says it wasn't hacked by a Malaysian hacktivist group. DragonForce Malaysia posted last Saturday on Twitter and Telegram the purported details of Grab delivery personnel. The group is amid an active campaign dubbed OpsPatuk against Indian targets.
Cloudflare sees opportunity in the growth of zero trust and is integrating recent email and cloud security acquisitions with native data security and network discovery capabilities. "I like the fact that we can grow in both directions," says company CEO Matthew Prince.
When building an insider risk management program, don't start "too large or too quickly," says Randy Trzeciak of Carnegie Mellon University. He says the first step is to protect your organization's critical assets and services and then "build a risk program appropriate to those assets."
Ronald Raether of Troutman Pepper says privacy, data security and information governance departments must collaborate to reduce unauthorized access to systems by criminals and make data operationalization more effective. He also says proper data mapping, governance and classification are critical.
CTO Daniele Catteddu of the Cloud Security Alliance sees significant gaps in how the cybersecurity industry delivers education and training. For example, he says, while organizations are demanding Zero Trust services and guidance on implementation, the industry's offerings do not meet that demand.
The overlying problem in cybersecurity is scale and the complexity that comes from that scale, says Philip Reitinger, president and CEO of the Global Cyber Alliance. He says we need to simplify how we defend ourselves and "give individuals and companies products that meet them where they are."
Publicly traded companies will need to beef up their cybersecurity knowledge since the the U.S. Securities and Exchange Commission is proposing rules and guidelines that would mandate more stringent oversight of cyber risk, says Roger Sels, former vice president of cyber solutions for BlackBerry.
Crum & Forster CISO Chris Holden says it's critical to see cybersecurity as a business enabler rather than a business inhibitor. He is taking on the perception that security is the "Department of No" and works hard to change the culture at his company.
Canada's Desjardins Group has reached an out-of-court settlement to resolve a data breach class action lawsuit. The breach, which the credit union group first disclosed in 2019, traced to a "malicious" insider who for 26 months had been selling personal details for 4.2 million active customers.
Iranian hackers may be responsible for rocket sirens sounding for almost an hour in two Israeli cities on Sunday night. This comes amid heightened tensions between Tehran and Jerusalem and discovery of a phishing campaign in Israel that cybersecurity firm Check Point has attributed to Iran.
Issues with passwords are legion: too many to remember; inherent security weaknesses, and inconvenience, but while many look forward to the day when passwords are no more, for now they are ubiquitous because they are useful, and one of the best ways to enhance their security is through the use of a password manager.
Siemens is advising its SINEC NMS customers to update to version V1.0 SP2 or newer in order to prevent exploitation of vulnerabilities that could allow remote execution of malicious code. As an alternative, customers could just restrict access to affected systems to trusted IP addresses only.
Ransomware struck global currency exchange and remittance company Travelex on New Year's Eve 2019. Don Gibson, a security architect at Travelex, became publicly linked with the incident, and the undesired attention he received contributed to a health situation that nearly led to a tragic outcome.
A new Android malware that can steal financial data, credentials, crypto wallets, personal data and cookies; bypass multifactor authentication codes; and remotely control infected devices is targeting online banking customers and financial institutions, cybersecurity researchers at F5 Labs say.
Evolving to a zero trust architecture can be overwhelming for organizations, leaving many unsure of where they should even start. Cloudflare Chief Security Officer Joe Sullivan urges CISOs to break the journey into bite-sized chunks that can be easily digested.