To a modern IT organization, resiliency is about aligning their security, data protection, and availability strategies with business priorities and enterprise risks rather than following a traditional approach linked to infrastructure layers. This ensures that business processes are tied to applications since that’s...
Phishing attacks have come a long way from the spray-and-pray emails of just a few decades ago. Now they’re more targeted, more cunning and more dangerous. And this enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more.
Join Roger Grimes, KnowBe4’s...
What are the latest cybersecurity issues? Join four Information Security Media Group editors as they describe the top issues of the week, including the risk of cyberattacks provoking a kinetic response, as well as top healthcare CISOs' tips for handling supply chain security, resiliency and ransomware.
While the U.S. government is making strides in improving the nation's cybersecurity, it needs to do more to protect critical infrastructure from attacks and create public-private partnerships to improve national security, the Cyberspace Solarium Commission notes in a report published Thursday.
In a letter sent to National Cyber Director Chris Inglis this week, a bipartisan group of lawmakers says clearer lines of demarcation are needed to better define the responsibilities of federal officials involved in cybersecurity.
The Office of Management and Budget is ordering federal agencies to begin identifying "critical software" that needs protection as part of the effort to fulfill President Biden's cybersecurity executive order. Executive branch agencies then will have a year to implement security measures.
On Tuesday, the Senate, by a vote of 69-30, passed a $1 trillion infrastructure spending bill that would provide additional money for cybersecurity over the next several years, including extra funds for the Department of Homeland Security and its Cybersecurity and Infrastructure Security Agency.
NIST is updating "cyber resiliency" guidance to focus on mitigating modern cyberthreats to IT networks, especially ransomware and nation-state attacks. A draft encourages security defenders to move away from a perimeter-based defense to building resilient IT systems.
The new BlackMatter Russian-speaking ransomware-as-a-service group, which announced its launch last month, has created a Linux version of its malware designed to target VMware's ESXi servers hosting virtual machines, according to MalwareHunterTeam.
The FDIC has failed to properly update its policies for mobile device usage, conduct regular control assessments of its mobile device management solution or adequately log and monitor mobile cybersecurity practices, according to a new report from the Office of the Inspector General.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including improving federal agencies' cybersecurity and businesses recovering from the pandemic's impact.
The U.S. Cybersecurity and Infrastructure Security Agency is creating the Joint Cyber Defense Collaborative to build a national cybersecurity defense strategy based on collaboration between the public and private sectors, CISA Director Jen Easterly said at the Black Hat 2021 conference Thursday.
A seemingly nonstop number of ransomware-wielding attackers have been granting tell-all media interviews. One perhaps inadvertent takeaway from these interviews is the extent to which - surprise - so many criminals use lies in an attempt to compel more victims to pay a ransom.