Ukraine traced a cyberattack that delayed a press briefing by the nation's information protection agency Tuesday to Russian Sandworm hackers. The group accused of using wiper malware to disrupt the Ukrainian national Media Center has close ties with the Russian GRU, investigators say.
How does a CISO map his goals to the security investments made by a company long before he came onboard? How can you balance the short-term and long-terms goals at a new organization? Aditya Vardhan, CISO of Jindal Power & Steel, shares his insights on ensuring a smooth transition.
BlueVoyant has strengthened its ability to monitor the remediation of supply chain issues and integrate that with questionnaire activity, CEO Jim Rosenthal says. Existing supply chain tools tend to generate lots of risk information but then put the burden on the client to interact with suppliers.
Identity and access management company Okta revealed that its private GitHub repositories were accessed earlier in the month, resulting in the theft of its source code in its Workforce Identity Cloud code repositories. "No customer data was impacted," Okta says.
The latest edition of the ISMG Security Report discusses why it is always a bad idea for organizations to pay hackers for data deletion, practical steps organizations can and should take to avoid being at the heart of a data subject complaint, and the latest efforts to tackle the ransomware threat.
Cloud vendors from Amazon, Microsoft and Google to IBM and Sumo Logic have turned to Sysdig's Falco open-source threat detection engine to secure their environments. Sysdig CEO Suresh Vasudevan says Falco has become the standard for threat detection in the industry.
What happens when a water management facility –classified as critical infrastructure and essential services– is infiltrated by a foreign threat actor?
This case study dives into an in-depth analysis of the security challenges faced, conditions under which the breach happened, and how the whole situation was...
This report dives deep into the modern endpoint detection and response (EDR) platform that is driven by artificial intelligence/machine learning for security effectiveness.
Download this report and learn more about:
Advanced automated threat detection and response capabilities, with no need for human...
This report shows how IBM Security ReaQta provides complete endpoint threat coverage of sophisticated cyberattacks with virtually no human intervention while producing top-quality alerts.
Download this report to learn about how ReaQta delivered:
100% detection coverage across the cyber kill chain
Ransomware gangs rely on shotgun-style attacks using phishing or stolen remote access credentials to target individuals. This strategy snares less poorly prepared organizations, and that often means healthcare entities. Experts share insights on this plague on healthcare and what to do about it.
Especially for healthcare organizations, repelling ransomware attacks hinges on having robust monitoring and defenses in place to spot the signs of an unfolding attack and shut it down before crypto-locking malware gets unleashed, says Peter Mackenzie, director of incident response at Sophos.
The need for AWS security has increased as S3 buckets have evolved from a dumping ground for data to the home for critical cloud-native applications, says Clumio co-founder and CEO Poojan Kumar. Information in S3 buckets is susceptible to both accidental deletions and cyberattacks.
The push to migrate applications to cloud-native architectures has driven increased use of containers and created the need for more security, says Veracode CEO Sam King. Veracode's expertise in application security helps the company identify open-source code and known vulnerabilities in containers.
In the next three years, CISOs face daunting challenges, including rapidly changing threat vectors, new APT attacks and the implementation of new defensive solutions, says Anuprita Daga, chief information security officer and chief data protection officer at Yes Bank.