In the latest weekly update, ISMG editors discuss how organizations can comply with the new PCI DSS 4.0 requirements, whether other countries should follow the U.S. lead on legislating software bills of materials, and key strategies for CISOs preparing for an economic downturn.
The United States is arguably involved in a cyberwar against Russia and China - and appears to be losing. In this episode of "Cybersecurity Unplugged," Tom Kellerman of Contrast Security and Richard Bird of Traceable.ai discuss what the U.S. government and companies need to do to win this cyberwar.
Should the now-former CSO of Uber have reported a security incident to authorities after discovering signs of unusual behavior? That's one of the big questions now being asked in the closely watched trial of Joe Sullivan, who's been charged with covering up a data breach and paying off hackers.
Errol Weiss, chief security officer of Health-ISAC for the past three years, watched the healthcare sector undergo a historic revolution in the digital delivery of services to patients. Also in that time, the attack surface grew exponentially. How can entities best defend it?
From SolarWinds to Kaseya, Accellion, Log4j and Okta, third-party security breaches are among the most devastating for organizations affected. Tony Morbin of ISMG dives into the story behind the results of a global survey with Demi Ben-Ari, the co-founder, CTO and head of security at Panorays.
Deep Instinct has tasked the former CEO of Palo Alto Networks and COO of Zscaler with reworking the company's go-to-market strategy to better serve large enterprises. The company has moved longtime executive Lane Bess from the executive chair to the CEO's seat to recruit experienced sales leaders.
In the latest "Proof of Concept," David Pollino, former CISO of PNC Bank, and Ari Redbord, head of legal and government affairs at TRM Labs, join ISMG editors to discuss ethical concerns for CISOs, cryptocurrency regulations, and potential foreign interference in the U.S. midterm elections.
Defending data is an increasingly complex task today, with the threat landscape expanding into unthought-of devices and communication methods, from IOT to the cloud, all while attackers seek to exploit any new vulnerabilities created. To tackle this dynamic landscape, our detection and response tools have grown in...
Vista Equity Partners has joined Thoma Bravo in the take-private cybersecurity spree, offering to buy security awareness training behemoth KnowBe4 at a $4.22 billion valuation. KnowBe4 says it has received a nonbinding offer from Vista of $24 per share for the shares not currently owned by Vista.
Four editors at Information Security Media Group analyze private-public partnerships today, preview ISMG's upcoming cybersecurity summit in Africa and discuss the increasing use of intermittent or partial encryption by ransomware gangs as a means to extort money from victims faster.
Anand Atre began his role as deputy CSO of Crux Informatics soon after the start of the COVID-19 pandemic, and he soon confronted the challenge of how to properly secure a hybrid workforce. He outlines his strategies for cybersecurity and employee education.
This compendium brings together Gigamon's thought
leadership work in collaboration with Information Security
Media Group between during H1 2022. Gigamon's resources
include two fireside chat webinars, two panel interview
videocasts & eBooks, plus a field research survey, expert
analysis and report of results....
A new (ISC)² member pulse survey on remote work policies in 2022 found that cybersecurity professionals who get to choose where to work are the most satisfied, while those being forced back into the office are the least satisfied. The association advises firms to discuss options with employees.
Evolving social engineering campaigns - including a significant rise in vishing attacks - continue to pose significant data security threats to healthcare and public sector entities, federal authorities warn, urging entities to take steps to avoid falling victim.
Four ISMG editors discuss how security leaders determine the right level of security for the business, the growing risk of business ID theft to enterprises, and the arrest of a developer suspected of working for cryptocurrency mixing service Tornado Cash, for "facilitating money laundering."