Page 2

How IT can support security in the event of a cyberattack

CIOs and CISOs operate as separate jobs leading different departments, but with work that overlaps. Who leads what in the event of an attack can become muddled. 

White House announces CISA, national cyber directors

The appointments coincide with the discretionary funding request the White House submitted on Friday. 

Half of business continuity changes hurt cybersecurity, study shows

Companies take a second look at security practices after business pressures put mobile security at risk, a Verizon report shows.

How to support overworked, understaffed security operations

Strapped for resources, companies can either have their security practitioners wear too many hats, or outsource the responsibilities. 

Payments industry faces potential 'destructive attacks,' Biden cybersecurity official warns

Ransomware and infrastructure attacks are the biggest threats to the industry, a Biden administration cybersecurity official told the American Transaction Processors Coalition. 

Enterprise security leaders fear rising AI use among threat actors: report

Some experts are urging companies to incorporate AI into their cyber defense strategies, while others view the threat of AI as overhyped marketing.

'Advanced cyberconflict' is nearing, researchers say

Enterprises represent 35% of nation-state targets, whereas government or regulatory agencies are 12% of targets, according to the report.

Deep Dive

4 tools to fight fraud, counterfeits and cyberattacks in the COVID-19 vaccine supply chain

Visibility technologies and real-time data provide one version of the truth in a rapidly built supply chain.

VPN security falls short as demand increases for remote workforce at scale

Despite repeated warnings, enterprise customers have fallen behind on patching and upgrades as internal productivity needs take priority. 

Ransomware wins make threat actors push aside other malware

While the FBI encourages a relationship with a victim organization, some businesses are hard pressed to involve law enforcement when fines could follow an attack.

Employees can't quit habit of writing down, sharing passwords

Amid heightened threats, workers are incorporating company names into passwords, writing them on sticky notes and sharing them via email.

Companies missing security in rushed cloud adoptions

While misconfigurations are likely unknown today, they have the potential to become critical vulnerabilities.

Why SMBs miss out on the white-glove cyber insurance advantage

Insurance companies spend less time with SMBs evaluating individual risk profiles, weakening a piece of the global cyber economy.

Opinion

IoT cybersecurity law does not go far enough to protect industry

As networks become more connected and reliant on third-party sources like cloud and SaaS applications, most companies continue to have massive blind spots. 

Enterprises lag on firmware security spending in face of rising threat

IT security officials are often more worried about the difficulty of detecting malware threats, in part because firmware attacks are hard to catch, a Microsoft-commissioned report found. 

Half of companies lack security to support cloud-based IAM: report

Almost all (98%) of IT executives report challenges with IAM sourced from the cloud, including lack of visibility and increased complexity.

2020 was a record year for K-12 cybersecurity incidents

U.S. schools faced 408 publicized incidents — an 18% increase over 2019, according to the K-12 Cybersecurity Resource Center. 

How tools impact cyber insurance premiums

From the day insurers write a policy through its term expiration, there is too much volatility for insurance providers to adequately capture risk.

Shift online exposed and expanded college cybersecurity vulnerabilities

Ransomware attacks doubled from 2019 to 2020, according to one report, and experts say the increased use of virtual tools opened up new threats.

Tomorrow's cyber workforce has security skills built-in. That could limit businesses

Cybersecurity truths: The talent pool is growing but not fast enough and there will always be a variety of paths that lead to the same place.

Molson Coors incident shines a light on industrial cyberattack vulnerabilities

The international brewery continues to face delays and financial impacts amid a wave of attacks against manufacturing.

Security leaders: Expect more insider data leaks, threats in 2021

The rise stems from a lack of accurate insight from data loss prevention and cloud access security broker technologies.

Operational threat intelligence leans on facts, less anecdotal evidence

Digesting threat intelligence looks different in IT environments than OT.

Companies use cloud to make network security easier

With the cloud taking over hardware and infrastructure security responsibilities, customers are free to handle application and software security.

Cybersecurity spending is up but so are breaches

Healthcare, media, entertainment and gaming experienced the greatest growth in breaches last year, coinciding with a "big shift" toward digital transformation, Canalys found.