Page 2

Supply chain attacks could open up vendor competition, Moody's says

The continued proliferation of ransomware attacks could lead cyber insurers to reexamine coverage terms. 

CISOs at SMBs bogged down by small teams, budgets

To choose a new security solution, CISOs with small teams rely on an employee with existing experience with a technology, a Cynet report shows. 

Attention to K-12 cybersecurity grows in nearly 100 bills introduced in 2020

With K-12 becoming a top target due to a combo of high-value data available and limited protection, a new report examines legislative trends.

How to translate threats and risk to C-suite

When communicating with the C-suite or shareholders, CISOs have to speak equal parts security and bottom line. 

Opinion

Gartner: Steps to respond to a supply chain attack

Businesses require tools to detect the lateral movement from an initial compromise and an incident response plan.

Tomorrow's cyber workforce has security skills built-in. That could limit businesses

Cybersecurity truths: The talent pool is growing but not fast enough and there will always be a variety of paths that lead to the same place.

GDPR regulators are sinking their teeth into violators. 2020's fines are proof.

The European regulation took about a year before major fines were introduced. Watchdogs are in a grey area of harnessing better privacy standards and having zero tolerance for negligent or intentional violations.

Supply chain attacks renew focus on limiting privileged access to cloud data

Supply chain attacks and rapid shifts to cloud data storage have led companies to reduce access by third-party vendors and employees to sensitive data.

Cyberattacks cost financial firms $4.7M on average last year: report

Weak endpoints and a lack of policy enforcement are imposing extra costs on companies as home-based workers remain vulnerable.

Democrats control Congress. Will 2021 be the year for federal privacy laws?

Don't hold your breath.

Gartner's 3 stages to a mature privacy program

With a patchwork of international privacy laws to consider, there isn't a one-size-fits-all privacy framework. But companies can focus on data management systems to remain compliant.

Biden campaign cyber chief named federal CISO

Cybersecurity veterans praised the appointment, highlighting Chris DeRusha's extensive government and private sector experience, useful for navigating SolarWinds fallout.

Mimecast attributes supply chain attack to SolarWinds' hackers

The global email security provider was hit by a malicious attack that compromised a certificate used to authenticate some Microsoft 365 products. 

UPDATED: Jan. 26, 2021 at 11:31 a.m.

Privacy investments mitigate security losses, report finds

Spending on data privacy has become a priority amid new concerns about COVID-19 data and remote work environments, a study from Cisco shows.

Actors behind Ryuk testing different operations, challenging attribution

Ransomware's most prominent threat groups are forcing companies to make the malware a permanent part of their threat models. 

Cyberthreat trends in the remote work landscape

With more workers logging in from home, companies face new cybersecurity challenges and opportunities.

Biden to nominate Obama DHS alum as CISA director: report

Rob Silvers is reportedly stepping into the role left vacant by Chris Krebs after his termination.

Verizon: Software installation enables sneaky cyber espionage

Compared to other breaches, cyber espionage campaigns move "low and slow," said Verizon's John Grim. 

Cybersecurity market set to reach $60B in 2021: report

Unknown threats, like the ones emerging from the SolarWinds hack, are shaping the future of investments.

Technology's greatest supply chain challenge? Establishing trust

Geopolitics play a role in how the private sector purchases technology, influencing what on- and offshore vendors companies decide to trust.

2020 marked by fewer, but more damaging, data breaches

The total number of records exposed in data breaches — more than 37 billion — represented a 141% increase from 2019, Risk Based Security says.

Cyber and security officials to watch in the Biden administration

The Biden administration has promised a fast-paced first 100 days, with attention toward the SolarWinds breach and boosting U.S. cyber defenses.

Malwarebytes attack linked to SolarWinds' nation-state actors, CEO says

Microsoft notified the cybersecurity firm of a compromise involving Office 365 and Azure consistent with prior nation-state attacks.

Cyber defense panel sees more private sector coordination following SolarWinds

Defense and intelligence experts say federal agencies need to strengthen private sector support, intelligence sharing to prevent the next big nation-state attack. 

Symantec spots 4th malware related to SolarWinds hack

Raindrop took on the role of the memory-only dropper Teardrop for organizations of greater interest to the hackers.