The U.S. National Institute of Standards and Technology has revised its guidance for organizations to counter supply chain risks. The new document addresses how to identify, assess and respond to cybersecurity risks throughout the supply chain at all levels of an organization.
U.S. President Joe Biden on Thursday signed into the law the Better Cybercrime Metrics Act, which aims to improve data collection on cybercrimes. The law requires the DOJ and the FBI to compile detailed statistics about cybercrime and develop a taxonomy to help contextualize and sort this data.
New York state officials are investigating a data breach at Illuminate Education, maker of a widely used software platform for K-12 schools. More than 1 million current and former New York students' personal details were exposed, and some students in California, Colorado and Connecticut were also affected.
John Kindervag, creator of Zero Trust, and two ISMG editors discuss whether we have advanced or regressed in security technology, implementing Zero Trust security in OT environments, and how federal agencies are progressing with Zero Trust adoption a year after the cybersecurity executive order.
Containers and cloud-based resources are being used to launch DoS attacks against Russian, Belarusian and Lithuanian websites. Cybersecurity firm CrowdStrike's researchers say that through their Docker Engine honeypots, they observed two different Docker images targeting these assets.
How can organizations improve their resilience in a world that seems increasingly unpredictable? Advisory CISO Wolf Goerlich of Duo Security at Cisco shares findings from Cisco's Security Outcomes Study and offers considerations for CISOs on how to build robust cyber resilience programs.
Digital transformation has made enterprises more dependent than ever on APIs. And as a result, API security is now more critical than ever. Roey Eliyahu of Salt Security discusses API attacks, misconceptions and what's truly needed in an effective API security solution.
Cybersecurity companies took Thursday's sell-off on the chin, with Rapid7, Cloudflare and SentinelOne experiencing double-digit stock price drops in Wall Street's worst day of 2022. The Nasdaq Composite Index fell 5% Thursday amid concerns around inflation and soft earnings from online retailers.
A new malicious campaign that siphons off intellectual property and sensitive data - including documents, blueprints, diagrams, formulas and manufacturing-related proprietary data - has been identified by researchers at Cybereason as being the work of Chinese APT Winnti, based on forensic analysis.
Connecticut has just become the fifth U.S. state to get a comprehensive data privacy and online monitoring law, as Senate Bill No. 6 passed into law on Wednesday. The law will go into effect on July 1, 2023, which means that organizations in the state have just 14 months to prepare for compliance.
Fortinet's operational technology business will surpass its SD-WAN practice due to the elevated threat environment and increased interest from manufacturing customers, CEO Ken Xie says. Fortinet's OT bookings grew 76% in the quarter ended March 30, outpacing SD-WAN bookings growth of 54%.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.