In a case of business email compromise, Chinese hackers stole $18.6 million from the Indian arm of Tecnimont SpA, an Italian engineering company, through an elaborate cyber fraud scheme that included impersonating the firm's chief executive.
What not to do after a breach? Share your incident response plan with your attorney and say, "Don't pay too much attention to it; we don't follow it." Randy Sabett of Cooley LLP discusses this and other lessons learned from breach investigations.
Over the last five years, cybercrime occurrences have escalated dramatically, taking hold of organizations
worldwide - affecting revenue, productivity, information security, and reputation. In 2017 Cost of
Cybercrime Study, the Ponemon Institute emphasizes that, on average, organizations have paid
$11.7 million USD...
Those of you who are CISOs and have been conducting awareness programs for years realize that ''the devil is in the details" when building a successful program. Initial attempts to get an awareness program started are usually done by trial and error- but this hit-and-miss approach is often ineffective or frustrating....
About 30 new health data breaches - including a phishing attack impacting 1.4 million individuals - have been added in recent weeks to the official federal tally, pushing the total victim count for 2018 so far to 6.1 million.
The Forum of Incident Response and Security Teams recently announced the release of new training resources to help organizations build and improve product security incident response teams. Damir "Gaus" Rajnovic of FIRST discusses the global need for these resources.
Getting employees involved in data security requires explaining the benefits, such as avoiding service interruptions, says Paul Bowen of Arbor Networks, who offers insights on making security part of the daily routine.
It's a fair question: Can you trust the fraud advice you're given from a former fraudster? Especially one who's betrayed law enforcement before? Brett Johnson says he's abandoned crime for good, and he shares insight on the types of fraud schemes he once practiced.
As customers spend more and more money online each year, the opportunities for fraud increase in parallel; experts project a loss of $24 billion to payment card fraud by the end of 2018. Payment card fraudsters rely on a sophisticated ecosystem and support network that provides a wide range of credit card details,...
Leading the latest edition of the ISMG Security Report: Cybersecurity expert Brian Honan provides insights on why organizations that are not yet compliant with GDPR need to focus on several key steps. Also: An assessment of the progress women are making in building careers in information security.
Cybersecurity challenges and solutions have evolved greatly since 2002. And so has the Executive Women's Forum, which was founded that year to advance female leaders in the profession. Founder Joyce Brocaglia reflects on the forum's accomplishments and challenges.
Universities throughout Florida are adding more cybersecurity courses in an effort to better train the next generation of practitioners, says Ernie Ferraresso of the Florida Center for Cybersecurity, which recently provided a second round of funding for the effort.
What can be done to address the shortage of personnel to fill the ever-expanding roster of cybersecurity jobs - from entry-level positions through the CISO role? (ISC)2's John McCumber describes organizational and governmental efforts to lower barriers to entry and build tomorrow's workforce.
Incident response is a critical pillar of an effective endpoint security program, one that will gain importance as GDPR enforcement comes into play on May 25. Organizations must be ready to react if and when an incident occurs in order to meet the stringent requirements that apply during an incident.
The high-profile breaches of Fortune 100 companies are the ones that get the headlines, but small and midsized businesses should not breathe any sighs of relief. They are very much still targets, says Austin Murphy of CrowdStrike. He offers cybersecurity advice to SMBs.
Download this thought-leadership whitepaper...