The SEC voted 3-1 to advance new, mandatory cybersecurity rules for registered investment advisers, companies and funds. The proposal - open for a 30-day public comment period - would require entities to adopt and implement written cybersecurity policies and a 48-hour incident reporting mandate.
Jeff Williams, co-founder and CTO of Contrast Security, says people have a right to know if the products they use are secure. It's difficult to tell if software is secure, he says, so companies need incentives to build good security programs, improve their software and disclose any flaws they find.
This edition of the ISMG Security Report analyzes what prosecutors say is the biggest cryptocurrency seizure in U.S. history as well as the biggest financial seizure. It also details how a school district CISO resigned over the district's handling of a severe data breach and busts Zero Trust myths.
Are ransomware-wielding criminals running scared? That's one likely explanation for the sudden release this week of free, master decryption keys for three different strains of formerly prevalent ransomware: Maze, Sekhmet and Egregor.
Technology giant Microsoft has released patches for 51 vulnerabilities as part of its Patch Tuesday announcement. Of the total, none of the fixes are for critical bugs, and three are rereleased patches. Separately, the company says it will block internet macros by default in its Office applications.
The European Central Bank, the central bank of the 19 EU countries using the euro, has reportedly warned against potential Russian cyberattacks, and EU banking institutions are reportedly conducting cyber war games to test resiliency against a potential cyber offensive, according to Reuters.
The arrest of a married New Yorker couple, charged with laundering bitcoins worth $3.6 billion that were stolen from a currency exchange in 2016, highlights the risk facing anyone who wants to launder large amounts of cryptocurrency and stay free long enough to enjoy their alleged rap career.
In a U.S. Senate hearing on Tuesday, the Apache Software Foundation and leaders from Cisco, Palo Alto Networks and The Atlantic Council discussed open-source software security, urging both government and private sector entities to recognize the breadth of the free-to-use software and adversaries' willingness to...
As a CISO in financial services, Bradley Schaufenbuel of Paychex enjoys the velocity of change - no two days are alike. But with that pace comes a corresponding uptick in supply chain risk, which adds a new degree of difficulty to an already challenging leadership role.
Israeli officials announced they will set up a commission of inquiry to investigate reports that the nation's police force used the flagship spyware of Israeli firm NSO Group, called Pegasus, to hack the phones of Israeli public officials, journalists and activists.
Jameeka Green Aaron, CISO of Auth0, says, "We're not protecting technology; we are protecting people." Because of that, she is a strong proponent of "privacy by design" in security controls, and she strongly advocates for viewing fraud and privacy together - not separately.
The CISO for a Dallas-based school district quit his job over the district's handling of a severe data breach that occurred in August 2021. A TV broadcaster has revealed that two students in the district were responsible even though the district claimed the intruder was a "third party."
The House of Representatives on Friday passed a bill that Democratic lawmakers say will help the U.S. compete with China economically when it comes to manufacturing semiconductor chips and bolstering both supply chains and the technology workforce.
Swissport, a global company that provides aviation-related services, confirmed it was hit by a ransomware attack on Thursday. The incident has now been contained, and a full system cleanup and recovery process is underway with no significant delays in sight, a company spokesperson says.
As information security officer at MVB Financial Corp., Cara Coleman says the single biggest cybersecurity threat is just keeping up with the pace of attacks - and understanding the sophistication and trickery of the broad range of attackers. Here's how she tackles the challenge.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.