As the Information Security Media Group editors wrapped up their coverage of RSA Conference 2023, everyone agreed that it was good to have the cybersecurity community back together in one place, working to solve the serious issues it faces, including AI, adversaries and "regulatory tension."
The intelligence community long refrained from adopting open-source technology, but its value has become evident with the rise of cloud computing and machine learning. Practitioners also are shifting toward open-source intelligence to augment the information obtained through human intelligence.
A federal judge sided with Google in a bid to block online infrastructure behind an info stealer masquerading as legitimate versions of the Chrome browser and Google Earth Pro. Google estimates the CryptBot malware infected 670,000 computers last year.
As threats continue to increase in frequency and sophistication, managed detection and response or MDR is becoming an increasingly important component of any organization's cybersecurity strategy and can help organizations overcome a major challenge facing security teams - the skills shortage.
Hybrid and remote work are here to stay, says Elizabeth Harz, CEO of Awareness Technologies and the Veriato workforce behavior analytics platform, and that means more expensive breaches, surveys show. Harz discusses the need to monitor employees and to be transparent about why you are doing it.
The geopolitical upheavals of the last few years have led to a huge uptick in cybercrime driven by nation-state threat actors. Cyberwarfare has become new age terrorism, and critical infrastructure industries such as healthcare are taking the brunt of the risk, said Yevgeny Dibrov, CEO at Armis.
Networking was created as a "trust everything" approach that "doesn't know who you are, doesn't know your content or why you're doing it." In the future, according to John Maddison, CMO of Fortinet, all that connectivity will be secure, and the market for secure networking will become bigger.
Now in its 10th year, the Thales Data Threat Report outlines and quantifies the key threats faced by the global cybersecurity industry. Ransomware continues to be a growing threat but, surprisingly, more than half of respondents have no defense plan in place, said Thales' Todd Moore.
Cybercriminals are becoming increasingly innovative and shifting toward more targeted and destructive attacks, using wiper malware, which was previously only used by APT-focused, nation-state actors. Also, ransom payment demands are reaching seven to eight figures.
Effectively leveraging threat intelligence can be very difficult when an organization does not know its environment thoroughly. In such a case, the challenge for the organization is to identify its weaknesses, according to Christian Lees, CTO of Resecurity.
It's getting harder to distinguish between normal and unusual threat activity, with more sophisticated attacks exacerbated by hybrid work and, soon, AI attacks. Defenders need correlated rather than isolated telemetry to get more signal and less noise, say Jeetu Patel and Tom Gillis of Cisco.
The threat posed by cybercriminals and fraudsters creates shared risks across the financial services industry including fintech companies. But fintech firms can balance rapid innovation with security and work with each other and governments to repel attackers, said Razorpay CISO Hilal Lone.
The way we secure workloads today is vastly different due to remote work and the move to the cloud following the pandemic. More modern SASE solutions such as zero trust have been adopted, and organizations are moving from legacy such as MPLS to software-defined networking and cloud-based solutions.
Policy buzz around RSA Conference 2023 is centering on the new National Cybersecurity Strategy that seeks to hold software makers liable for security flaws. While federal officials say the industry will embrace the new rules, some are talking about the lobbying and legal challenges ahead.
Point32Health, which provides health plans to millions of New Englanders and is Massachusetts' second-largest health insurer, is still struggling to recover 10 days after it identified a ransomware attack that forced the company to take many of its IT systems and functions offline.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.