How can an enterprise improve response to emerging threats across a large third-party portfolio? By implementing a comprehensive threat and vulnerability response framework. Gary Phipps of ProcessUnity discusses the third-party risk challenge and solution.
Four years since Trump's last term, the cyber picture looks - in many ways - markedly different. How will the incoming administration tackle Russian disinformation and cyber operations against NATO, rampant Chinese cyber espionage, and cybercriminals and ransomware continuing to disrupt businesses?
By collecting, analyzing, and leveraging data from security events, security analytics empowers teams to proactively detect anomalies and pinpoint vulnerabilities to mitigate targeted attacks, insider threats, and advanced persistent threats (APTs).
AI has enabled supply chains to become more proactive and predictive. Through machine learning algorithms, natural language processing and advanced analytics, organizations can now forecast demand with greater accuracy, anticipate potential disruptions and optimize inventory management in real time.
Thoma Bravo has begun interviewing underwriters as it explores an initial public offering for SailPoint, Bloomberg reported last week. The private equity firm hasn't finalized details, including the timing of a potential listing for the identity governance and administration vendor.
Hellman & Friedman has met with several investments banks in recent weeks and will choose one to run the sale process for Paramus, New Jersey-based Checkmarx, in which it hopes to get at least $2.5 billion, Calcalist reported. The private equity firm bought Checkmarx for $1.15 billion in April 2020.
Verizon’s 2024 DBIR shows a gap between generative AI's perceived capabilities and its actual use in cyberattacks, citing skyrocketing gen AI "hype" and very low actual gen AI "mentions" alongside traditional attack types. But it's still essential for security leaders to focus on AI risks now.
Federal regulators and SolarWinds are eyeing a truce weeks after a judge dismissed most claims related to misleading investors about the company's security practices and risks. SEC lawyer Christopher Bruckmann said his team "proposed specific settlement terms," but the defense is unlikely to accept.
CrowdStrike is in talks to acquire Houston-based patch management and vulnerability remediation startup Action1 for close to $1 billion, co-founder and CEO Alex Vovk told employees in an email Wednesday. This would be the largest acquisition in the endpoint security vendor's history.
Microsoft's statement that a faulty CrowdStrike update affected less than 1% of active Windows systems doesn't tell the full story, since large organizations in critical sectors make up a disproportionate part of the user base, as the outages in healthcare, transportation and banking demonstrate.
We can't overlook the human factor. The adoption of Zero Trust is a response to the vulnerabilities that human actions can introduce, and AI is expected to bring greater automation to help organizations achieve their cybersecurity objectives faster.
The theft of terabytes of Snowflake customers' data through credential stuffing hacks highlights how multifactor authentication shouldn't be optional for safeguarding accounts. Experts are calling on providers to build in more robust identity and authentication security features, at no extra cost.
What's the best strategy for exploiting a known vulnerability in ransomware to help victims decrypt their files for free? That question continues to recur as researchers discover such vulnerabilities and then must weigh whether or not to publicize the flaws, which tips off the ransomware operators.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.