Call to action: Information security teams should "include mental health topics in their team meetings, their management reports and metrics, as well as face to face meetings," says to Thom Langford, head of security consultancy (TL)2, speaking from experience.
Reviewing 2018 attacks, Jon Clay of Trend Micro, says social engineering persists, including phishing attacks, while criminals also continue to steal credentials, lob ransomware at targets and push cryptomining malware.
Victims of hurricanes, wildfires and other disasters now face a second hit: The U.S. Federal Emergency Management Agency inadvertently shared 2.3 million disaster survivors' personal data of with an agency contractor, leaving victims at increased risk from fraud and identity theft.
What's hot on the cybersecurity legal front? For starters, in 2018, the U.S. Department of Justice indicted twice as many alleged state-sponsored attackers than it had ever indicted, says Kimberly Peretti of Alston & Bird.
Cybersecurity leaders hear a lot about speaking to the board. But increasingly, these leaders are also tapped to serve on boards of directors. What business skills are most needed and often lacking? Executive recruiter Joyce Brocaglia of Alta Associates and the Executive Women's Forum explains.
Simpler is better. While that might be a frequent truism in life, it's especially applicable to the technology landscape facing organizations, as CISOs attempt to manage cloud services, 5G and other emerging technologies, says Steve Neville, director of corporate marketing at Trend Micro.
The challenge of wanting to adopt the latest and greatest point products, as opposed to opting for a more platform-based approach, seems never-ending, and can only be managed by bringing greater amounts of automation to bear, says Skybox Security's Michelle Cobb.
Karl Racine, the attorney general for Washington, D.C., is looking to strengthen the District's data breach laws, specifically by offering greater protection for consumers and holding businesses accountable when they are breached or lose data.
Life after WannaCry and NotPetya: Europol, the EU's law enforcement intelligence agency, wants member states to be able to rapidly respond to the next big cyberattack against Europe. But with warnings of ongoing Russian election interference campaigns, the next big attack may already be underway.
What is the role of professional certification companies in the cybersecurity education ecosystem? In part one of a two-part panel discussion on the future of cybersecurity education, John McCumber of (ISC)2 and Rob Clyde of ISACA share their philosophies.
What are America's universities doing to help fill the cybersecurity skills gap felt by enterprises worldwide? In part two of a two-part panel discussion on the future of cybersecurity education, Lisa Ho of the University of California-Berkeley and Amit Elazari Bar On of Intel Corp. offer insights.
Enterprises are getting wiser to understanding the insider threat. But mitigating it? That remains a challenge - especially at a large scale. Mohan Koo of Dtex Systems talks about how to blend human and data analytics to address the challenge.
Facebook has corrected an internal security issue that allowed the company to store millions of user passwords in plaintext that were then available to employees through an internal search tool.
Script-based payment card malware continues its successful run, impacting a range of e-commerce sites, security researchers warn. With fraudsters continuing to refine their tactics, countering card-sniffing scripts continues to be difficult.
The ultimate responsibility of every CSO and CISO is to foster culture change and awareness, because that is every organization's single greatest data security and physical security control, says Andrew Rose, CSO of Vocalink, which is a MasterCard company.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.