Since 2015, more than 22,000 organizations have fallen victim to business email compromise (BEC) attacks. The FBI estimates that organizations have lost an estimated USD $3.08 billion to these attacks.
Download this guide to protect your organization by learning:
How BEC works and why it succeeds: the targets and...
The Department of Homeland Security, which missed meeting last week's deadline for submitting a new cybersecurity strategy to Congress, could be months away from providing lawmakers with that policy, a top DHS cybersecurity official says.
Google has run out of patience with Symantec's digital certificate business. It has outlined a plan that over time will have its Chrome browser reject all of Symantec's existing digital certificates and force all of its future certificates to be reissued every nine months.
With the rapid changes in the threat landscape and the risks introduced by DevOps, the cloud and other new elements, organizations need to have a continuous vulnerability assessment program as a security baseline, says Richard Bussiere of Tenable Network Security.
Cloud services firm Coupa is one of the latest business email compromise victims, after a fraudster pretending to be its CEO faked out the HR department and stole all of its 2016 employees' W-2 forms. Security experts say rigorous training remains the only viable defense.
In this white paper, Fidelis Cybersecurity will outline key steps to take in the first 72 hours of detecting an alert, how to distinguish what type of incident you are facing and the key differences on how to respond. Based on our firsthand experience, we provide lessons learned from the front lines to explain why it...
Historically, the only way organizations could come close to capturing high-fidelity data about what's happening on their network was to invest in a packet capture system.
That's so yesterday.
Full packet capture systems were never designed to facilitate the detection or investigation of advanced threat actors....
FBI Director James Comey worries about data corruption, and he's focused on hackers altering data. But if government leaders feed false information into computer systems, what should IT and IT security practitioners do to protect data integrity?
Security product testers have architectured their test suites to adhere to the technologies of the past 10 years. However, as endpoint security and the threat landscape continue to evolve, so must testing suites evolve as well. Advanced methodologies and a more robust testing criteria are essential to keep...
The latest version of the Trump administration's draft cybersecurity executive order would direct the federal government to take a risk-based approach to IT security and hold agency heads responsible for the security of their organizations' IT assets.
Certification and accreditation (C&A) has been like alphabet soup. As it transitions to assessment and authorization (A&A), it's time to sort through the confusion and identify which terms and processes apply in any given situation.
This paper sorts through the confusion to identify which terms, approaches, and...
Most organizations that enable users to perform online transactions have implemented security measures to address fraud. Currently, one of the most common safeguards used in a wide array of products/services is two-factor authentication (2FA).
In recent years, 2FA has become employed by global tech leaders like...
Many IT professionals use remote administration tools to troubleshoot and fix PC problems remotely, just as if they were sitting behind the keyboard themselves. But these tools are also used for different purposes today. Both nation states and hacktivists use modified these tools, creating Remote Access Trojan's...
Looking to go at it alone when securing your public cloud environment? Without a clear understanding of its nuances, even the most state-of-the-art solution won't make it past an annual compliance audit.
This detailed guide is for those pursuing PCI DSS compliance on their DIY cloud security environment.
Download...
As cyber threats become more complex in nature and the attack surface grows, enterprises are shifting to a risk-centric threat identification, containment, and remediation security strategy, prioritizing investments in tools and capabilities to detect threats and respond to incidents faster and more...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.