APIs are the connections that make digital business happen. Companies on average rely on more than 15,000 APIs, but these interfaces pose security risks. In this "Deep Dive" special report, ISMG's Anna Delaney explores how security leaders are tackling API security.
Return-oriented programming continues to pose significant security challenges. Assistant Professor Bramwell Brizendine discusses how ROP exploits binary vulnerabilities for process injection and the advancements in tools designed to automate ROP chain generation.
As the chief privacy officer at UChicago Medicine, Karen Habercoss likes to tell her peers, "I know more about security than the average bear." And her knowledge has been put to the test in recent years, with the adjustment to remote work, telehealth and digital transformation.
Trail of Bits' Michael Brown explores the dual challenges of applying AI and ML to cybersecurity and securing these evolving technologies themselves. He discusses the complementary nature of traditional and AI/ML-based approaches and highlights the pressing need for secure development life cycles.
The recent CrowdStrike outage has forced CISOs to rethink their approach to software updates and security practices. David Brumley, CEO of Mayhem Security, discusses why thorough code analysis, staged rollouts and stress testing are crucial for ensuring software reliability.
AI-powered tools such as Microsoft Copilot can be manipulated by attackers to access sensitive data and perform unauthorized actions, says Michael Bargury, co-founder and CTO of Zenity. Enterprises must address these new security challenges when adopting AI technologies.
As concerns grow about China's cyberthreat to U.S. critical infrastructure, Scythe founder and CEO Bryson Bort suggests the actual risk may not be as severe as feared. He explains the factors that might limit China's cyber activities and the real strategic vulnerabilities that could be targeted.
Cyberattacks have become increasingly disruptive and often involve encryption or deletion of data that makes systems inaccessible. This creates substantial downtime and complicates the recovery process for organizations, said Jason Cook, AVP of worldwide partner sales engineering at Rubrik.
AI has revolutionized app development, while also introducing security challenges. Liqian Lim of Snyk discusses the importance of implementing security measures early in the development process to manage AI tool-related risks and safeguard the software development life cycle from vulnerabilities.
David Gee, board risk adviser, non-executive director and author, shares leadership lessons from his career in his latest book, "The Aspiring CIO and CISO." He discusses his approach to managing cybersecurity risks, engaging with teams and simplifying communication.
The insurance industry faces rapidly changing fraud tactics from sophisticated cybercriminals, and identity theft and synthetic fraud are becoming critical challenges. Experts discuss how cybercrime complicates fraud detection and share lessons the insurance industry can learn from banking.
Theresa Lanowitz, chief evangelist of LevelBlue, says healthcare governance teams struggle to differentiate between cyber resilience and cybersecurity, leading to misalignment between cybersecurity and business goals. This gap exposes data and organizational operations to cyberthreats.
Social engineering attacks pose a severe threat to healthcare call centers, as recent breaches demonstrate. Sumant Mauskar, senior vice president of sales and global partnerships at Pindrop, discusses how voice biometrics and deepfake detection can protect sensitive information.
Aftin Ross, deputy director of the Office of Readiness and Response at FDA's Center for Devices and Radiological Health, discusses the latest medical device cybersecurity regulations, industry collaboration and manufacturers' efforts to address vulnerabilities and ensure patient safety.
In the latest weekly update, ISMG editors explore evolving ransomware threats, including rising attacks in healthcare and other critical sectors, a shift from cybercrime groups such as LockBit to lone-wolf operators, and why Russian ransomware gangs are dominating the global stage.