Attorney Ann Marie Mortimer shares tips on reducing liability in the event of a data breach and how ordinary security team communications, standard incident response reports and bug bounty payments can make a bad situation even worse.
A new WastedLocker malware variant, dubbed WastedLoader, is exploiting two vulnerabilities in Internet Explorer to insert malicious advertisements into legitimate websites, the security firm Bitdefender reports.
Roger Sels of BlackBerry believes our approach to cybersecurity is broken. In this interview, he explains how security leaders can safeguard their organizations more effectively by resetting the status quo.
Allen Phelps, CEO of the security firm Trust Farm, reviews some of the tactics, techniques and procedures used by foreign influence threat actors to target research organizations and shares some best practices to defend against those threats.
In the wake of recent attacks on supply chains and critical infrastructure, Adrian Mayers says it's time for cybersecurity to be seen as an issue of national defense, and that cybersecurity leaders throughout the private and public sectors must embrace their role in protecting national interests.
Colonial Pipeline Co.'s CEO, Joseph Blount, said Wednesday that he authorized the payment of a $4.4 million ransom just hours after the company was hit by a DarkSide ransomware attack, telling The Wall Street Journal, "It was the right thing to do for the country."
The Colonial Pipeline ransomware attack was every CISO's nightmare. And Roger Caslow of HRSD has faced a similar nightmare before. Caslow and Amit Basu of International Seaways weigh in on this recent attack, its significance and how ransomware defenses must change.
Are there better ways to characterize, assess and handle big, bad bugs to help organizations better prioritize remediating them? Allan Liska, an intelligence analyst at Recorded Future, discusses better ways to focus vulnerability hunting.
It's common to say, "The human element is our weakest cybersecurity link." But author and educator James Bone has a different perspective. He weighs in on the human factor and the criticality of modifying enterprise risk management strategies.
Wendy Nather, head of advisory CISOs at Cisco, recently teamed up with researcher Wade Baker to investigate cybersecurity metrics and determine how to make a cybersecurity program measurably more successful. She shares some of her more surprising findings.
The COVID-19 pandemic created unique conditions for technology and surveillance practices to erode global privacy. In this discussion of their RSA Conference keynote, Niloo Howe and David Cole share their research, case studies and analysis.
The "zero trust" security model, in the context of mainframe security, might be different than you'd think. Stuart McIrvine of Broadcom separates myths from realities and discusses the life cycle of zero trust on the mainframe.
Troels Oerting, a veteran CISO who most recently served the World Economic Forum, has a storied career. He's been there, done that and mitigated the risk. In this exclusive conversation, he shares his opinions on today's threats, emerging technologies and challenges for the next generation of security leaders.
The threat posed by ransomware attacks, including the growth of cybercriminal cartels, double extortion schemes and big game hunting targeting larger organizations, requires an international response, Anne Neuberger, the deputy national security adviser for cyber and emerging technology, told attendees Tuesday at RSA...
What do the world's leading encryption and security experts think about non-fungible tokens, supply chain attacks, coordinated vulnerability disclosure and the state of quantum computing? The cryptographers' panel at RSA Conference 2021 addressed all these issues.