Today's workforce is increasingly working remotely and relying on a variety of devices and cloud services to accomplish their jobs. Organizations must support but also secure this push, or they risk driving employees to adopt shadow IT, warns Jon Oberheide of Duo Security.
The Chertoff Group recently participated in a tabletop exercise on defending against cyber-enabled economic warfare. What do the results say about U.S. defenses and resiliency? Adam Isles shares insights.
Security needs to keep pace with the application development life cycle to avoid becoming a roadblock, and automation can play an important role, according to David Meltzer and Lamar Bailey of Tripwire.
A ransomware attack last fall on a company that provides billing and other business services to health plans and hospitals resulted in a breach affecting more than 600,000 individuals, according to Michigan state officials. But what makes breach determination in ransomware attacks so difficult?
A variant of the long-running Ursnif banking Trojan is able to better evade security protection and has the ability to steal not only financial information but also email user accounts, the content of inboxes and digital wallets, researchers report.
Patch or perish, March edition: Microsoft releases fixes for 65 new vulnerabilities, including two that are being exploited in the wild. Also, Adobe issues updates for Photoshop and Digital Editions following a critical fix for a ColdFusion flaw that was being exploited in the wild.
Automation is the first step toward full-blown machine learning and artificial intelligence. But unfortunately, automation already is being weaponized for malicious purposes, says Fortinet's Derek Manky.
As security and business leaders find a new common language in the discussion of business risk, enterprises need to revisit how they assess, measure and communicate cyber risk, says Kevin Flynn of Tenable.
If you had to guess what day of the week a hacker will hit your organization, the answer might seem obvious: Hackers prefer to strike on Saturday. And a review by Redscan of cybersecurity incidents reported to Britain's privacy regulator before GDPR took effect confirms it.