Learn about best practices for privileged access management (PAM) in the context of how you’d secure valuables in your own home. In this episode of The Drawing Board, our experts discuss three PAM controls for guarding the pathways leading to the most sensitive resources in your house:
IBM has bought a startup founded by a longtime security leader in the Israeli Prime Minister's Office to ensure personal identifiable information isn't left unprotected. The deal will ensure sensitive data isn't exposed in public cloud data stores or SaaS apps like Slack, SharePoint or Office 365.
Huntress has completed a Series C round to expand beyond the endpoint protection market and bring managed security to identity and cloud. Hackers are increasingly going after employee accounts at SMBs and using the compromised identity to move into other systems via SSO, CEO Kyle Hanslovan said.
Small electric utilities, wastewater facilities and hospitals struggle with defending their organizations against emerging cyberthreats given their meager resources, U.S. government officials said. Many utilities have failed to adopt cyber best practices despite the available tools and training.
Among the requirements of a modern XDR solution: speed, remediation and ability to work with disparate toolsets. These are hallmarks of Cisco's new XDR solution, and Mike Storm lays out its capabilities and how he envisions XDR's future.
New bipartisan legislation introduced in the U.S. Senate - the Rural Hospital Cybersecurity Enhancement Act - aims to help address the shortage of cybersecurity skills facing rural hospitals, which increasingly find themselves in the crosshairs of hackers, including ransomware attackers.
Former chief security officer Joe Sullivan avoided jail time for his role in impeding a federal investigation into Uber's security practices, but attorney Lisa Sotto of Hunton Andrews Kurth LLP warned security leaders and executives "to take heed" and ensure they are covered for personal liability.
The "shift left" movement puts "unrealistic" expectations on developers, said Gayatri Prakash, vice president and general manager of compliance at CloudBees. She said installing new tools to manage various parts of the SDLC is not necessarily "going to solve our problem for security."
Institutional pharmacy PharMerica says personal data of nearly 6 million current and deceased patients was caught up in a March hacking incident. The Money Message ransomware group claims to be the attacker, posting on its dark web leak site multiple spreadsheets the group says contain patient data.
Cybercrime watchers continue to see prolific use of information-stealing malware such as Raccoon and Vidar, which are being used to populate stolen digital identity listings at markets such as Genesis, RussianMarket and TwoEasy, as well as via Telegram channels offering "clouds of logs."
A rural Utah healthcare provider is notifying more than one hundred thousand individuals of a cybersecurity incident. Hackers may have accessed or stolen patient data of 103,974 patients who received care between March 2012 and last November.
A newly uncovered hacking group with a string of cyberespionage successes is targeting Ukrainian and pro-Russian targets alike. Malwarebytes in a Wednesday dubs the threat actor "Red Stinger," saying the group is the same as the "Bad Magic" threat actor revealed by Kaspersky in March.
Cyber resilience is "even more critical in the post pandemic world," said Amit Basu, CISO of International Seaways. The NIST framework is a useful tool for developing, testing and maintaining cyber resilience, but too often security teams neglect the "detect" and "respond" functions, he added.
Toyota on Friday disclosed that it exposed online for a decade car location data belonging to more than two million Japanese customers. The data by itself cannot be used to identify individual car owners, the carmaker said. Also exposed: video taken outside the vehicle with an onboard recorder.
In the latest weekly update, ISMG editors discuss how the Feds have dismembered Russia's 'Snake' cyberespionage operation; the ongoing debate over privacy laws and regulations in the APAC region; and why more companies are banning the use of generative AI tool ChatGPT.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.