IT leaders stress the need for stronger risk management

IT leaders stress the need for stronger risk management

Risk management was analyzed in a recent report by AuditBoard. The study revealed that expanding expectations are coming at a time when internal audit has limited bandwidth for advisory-related services — and increasing risk demand and insufficient risk management capacity are creating a risk coverage gap for the business. The report looks at where internal audit teams are currently spending the majority of their time, and where adjustments could be made to help shift focus to value-added, risk-related activities. Key…

Read More

Preparing for a post-quantum future amid machine identities

Preparing for a post-quantum future amid machine identities

The world of technology is abuzz with the potential of quantum computing — a report estimates the quantum computing market to balloon from $10.13 billion in 2022 to a staggering $125 billion by 2030, reflecting a powerful 36%+ compound annual growth rate (CAGR). These powerful machines promise to revolutionize fields like materials science, drug discovery and artificial intelligence. However, amidst the excitement lies a potential threat: quantum computers have the ability to break current encryption…

Read More

New honeypot techniques for addressing targeted attacks

New honeypot techniques for addressing targeted attacks

Automated at-scale attack campaigns now represent the vast majority of online threats, and are starting to blend together with targeted attacks. As the number of these attacks increases, so does the cyber risk for organizations.   Unfortunately, the most common approaches to defense — including vulnerability management, phishing awareness, signature-based network and endpoint detection — are neither effective nor efficient in addressing these kinds of attacks because traditional third-party threat intelligence cannot provide adequate targeted…

Read More

Summer travel plans? Don’t get scammed while you’re away

Summer travel plans? Don’t get scammed while you’re away

Your itinerary is set.  Your luggage is packed.  You’ve even scheduled the Uber pickup for the morning trip to the airport. It seems as if nothing now stands in the way between you and clicking that glorious out-of-office button. However, if you work in IT or security, your pre-summer vacation checklist must go beyond the items you’ll pack inside a suitcase. How will you maintain the organization’s cyber security posture when you’re away from the…

Read More

Locking out ransomware: A new way to look at security strategy

Locking out ransomware: A new way to look at security strategy

Ransomware attacks are accelerating at a record pace, becoming dramatically more frequent and more sophisticated. In fact, nearly 60% of companies experienced ransomware events in the last year, forcing desperate businesses to cough up a staggering $1 billion in ransom payments. That’s up from the $220 million that was paid to bad actors in 2019. Change Healthcare is just one recent example. The company was hit with one of the largest ransomware attacks within healthcare,…

Read More

Recovery point objectives 101: Planning for cyberattacks

Recovery point objectives 101: Planning for cyberattacks

Congressional hearings regarding the UnitedHealth cyberattack that occurred earlier this year revealed that the massive security incident could cost the company a total of $1.6 billion. During testimony, UnitedHealth CEO revealed that hackers infiltrated its systems through a remote portal that wasn’t protected by multifactor authentication and other safeguards the company had in place that were designed to prevent and detect also failed. Unfortunately, there are many companies that find themselves victims of cybercrimes like…

Read More

Beyond the breach: The ongoing fragility of healthcare cybersecurity

Beyond the breach: The ongoing fragility of healthcare cybersecurity

A wave of ransomware attacks in the United States and United Kingdom that have disrupted clinical operations and forced hospitals in both regions to turn away patients is the latest reminder of the fragility of life-saving infrastructure and how lucrative it can be for attackers looking for a payday or an opportunity to sow discord into the lives of patients.  In May, St. Louis-based Ascension Healthcare, one of the largest private healthcare systems in the…

Read More

Challenges and opportunities that AI presents CISOs

Challenges and opportunities that AI presents CISOs

The artificial intelligence (AI) landscape is constantly shifting. To maintain pace with these evolving technologies, CISOs must prepare for additional complexity in their security strategies.  While AI presents a challenge for CISOs, it also offers an opportunity. Here, we talk with Jadee Hanson, Chief Information Security Officer at Vanta to discuss the risks and benefits of AI.  Security magazine: Tell us about your title and background. Hanson: I serve as Chief Information Security Officer at…

Read More

How threat hunting secures organizations: A proactive security strategy

How threat hunting secures organizations: A proactive security strategy

Threat hunting involves actively searching for threats instead of waiting for alerts from defense systems. It is about taking the initiative to find irregularities and deviations in computer systems. Often, there are no alerts to signal an intrusion. Threat hunting targets threats that have already bypassed automated detection systems. It facilitates the identification of attackers who have penetrated the infrastructure and are practically indistinguishable from legitimate users by standard security measures. Threat hunting complements automated…

Read More

Super Bowl security tips for planning corporate security strategy

Super Bowl security tips for planning corporate security strategy

While football fans are enjoying Super Bowl 58 on February 11, most viewers probably don’t realize how much preparation goes into securing such a colossal event. Like sporting events organizers, corporate teams can benefit from implementing some core ideas from big event security into their own security strategy. To see how, walk in the shoes of an event security team for a bit. The big stage attracts the big hack First, consider this iconic scenario:…

Read More
1 2 3