CISA Warns of CrushFTP Vulnerability Exploitation in the Wild

CISA Warns of CrushFTP Vulnerability Exploitation in the Wild

The US top cybersecurity agency has confirmed that the critical vulnerability in file transfer solution provider CrushFTP’s product is being exploited in the wild. The authentication bypass vulnerability, CVE-2025-31161, was added to the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) catalog on April 7. “These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” said the security advisory. CISA strongly urged all…

Read More

7 risk management rules every CIO should follow

7 risk management rules every CIO should follow

“In fact, CIOs often confuse risk management with compliance or cybersecurity, yet risk is much broader,” she says, advising IT leaders designate an enterprise risk officer who can serve as the CIO’s best ally, helping to navigate risks, accelerate strategic initiatives, and provide guidance on where caution is needed versus where speed is possible. Risk management is among the most misunderstood yet valuable aspects of leadership, Saibene observes. When CIOs embrace risk frameworks, they can…

Read More

Decision-making 101: How to get consensus right

Decision-making 101: How to get consensus right

Next up: Figure out which alternatives are both best and most likely to be accepted by most of the group. Schedule a second round of one-on-one conversations, whose purpose is to nudge everyone toward the most likely alternative — the one most likely to be sufficiently agreeable to everyone involved. Yes, this is a lot of work. Consensus decision-making is, as noted, expensive and time-consuming, which is one reason it should be saved for when…

Read More

Boards Urged to Follow New Cyber Code of Practice

Boards Urged to Follow New Cyber Code of Practice

A new government initiative launched today aims to improve cyber-resilience across UK organizations by providing new guidance for boards. The Cyber Governance Code of Practice describes the actions company directors and board members need to take to ensure cyber-risk is managed effectively. The government argued that improving oversight at this level is vital to growing the economy, given that 74% of large and 70% of medium-sized firms experienced attacks and breaches in the past year….

Read More

IT job postings lowest in over a decade

IT job postings lowest in over a decade

Postings for IT jobs are on the wane, having dropped considerably from pandemic peaks. Perhaps more concerning for IT pros is the sense that demand for their services may be at a 10-year low. A recent study from Dice found that 2024 saw 2.24 million IT positions posted, a sharp drop from the 4.08 million IT roles that were posted in 2022, and lower than any previous year going back to 2014 when 2.20 million…

Read More

How CEOs Can Embrace GenAI for Business Growth

How CEOs Can Embrace GenAI for Business Growth

It’s well-trodden ground by now, but generative AI is really one of the business world’s most important technologies. Like it or not, it will soon become integral to everyday business operations. Those who learn how to use it effectively will flourish, and those who don’t will fall by the wayside.  As highlighted by IBM’s The CEO’s Guide to Generative AI highlights, CEOs face serious pressure to integrate the technology into their organization. With AI investment set to…

Read More

IBM, 데이터·AI 컨설팅 기업 하코다 인수···AI 기반 비즈니스 역량 강화

IBM, 데이터·AI 컨설팅 기업 하코다 인수···AI 기반 비즈니스 역량 강화

IBM의 공식 보도자료에 따르면, 이번 인수는 IBM 컨설팅의 데이터 전환 서비스 포트폴리오를 강화하기 위한 전략으로, 특히 AI를 활용한 비즈니스 운영이 가능하도록 고객의 데이터 준비 과정을 지원하는 데 목적이 있다. 하코다는 클라우드 데이터 플랫폼과 AI 분야에 특화된 데이터 컨설팅 기업으로, 스노우플레이크 파트너로서 입지를 다져왔다. 본사는 미국 뉴욕에 있지만, 중남미, 인도, 유럽, 영국 등 전 세계에 걸쳐 수백 명의 전문가를 보유하고 있다. IBM은 이번 인수로 데이터 서비스 수요 증가에 효과적으로 대응하고, 다양한 비즈니스 영역에서 속도, 비용, 효율성을…

Read More

The Shift Redefining Physical Identity Management

The Shift Redefining Physical Identity Management

Every time a security breach occurs, organizations scramble to trace the failure. Often, the answer lies not in their policies, but in outdated identity management systems ill-equipped to meet today’s demands. Legacy PIAM systems were designed for a simpler time, before the rise of hybrid workplaces, AI-driven security tools, and Zero Trust principles. Yet, these systems persist, plagued by limitations in scalability, integration, and security. They fail to provide real-time insights, leaving organizations vulnerable to…

Read More

The new security model: A blueprint for successful SASE deployment

The new security model: A blueprint for successful SASE deployment

Greg Rosenke via Unsplash A decade ago, managing network and security architecture was far simpler. Employees worked primarily from corporate offices, and applications resided within on-premises data centers. The security perimeter was well-defined, making traditional security models effective in protecting enterprise assets. Fast forward to today, and the landscape has changed dramatically. Digital transformation initiatives, cloud adoption and the exponential rise in remote work have diminished the traditional security perimeter. Many enterprise applications have migrated…

Read More

RSA 2025 Product Preview

RSA 2025 Product Preview

RSA 2025 takes place from April 28 through May 1 in San Francisco, California, bringing together cybersecurity leaders from all over the country. Security magazine highlights a few products from this year’s RSA exhibitors. 1Password Automatically Generates Passwords 1Password’s built-in password generator creates secure passwords for all online accounts. Users can go passwordless by saving and signing in to compatible websites and apps with passkeys. Save and autofill passwords, two-factor authentication codes, financial addresses, and more in…

Read More
1 72 73 74 75 76 3,996