To recruit and retain cybersecurity specialists, organizations must "stop expecting people just to be sort of 'focused monkeys' and doing one particular task and turning the handle," says Keith Martin, professor of information security at Royal Holloway University in the U.K.
The Federal Reserve Bank of Atlanta and Georgia State University’s Evidence-Based Cybersecurity Research Group are working together on a research project focused on how to prevent online payments fraud. Two participants describe the project's goals.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the use of commercially available spyware and security risk management in the telecom sector.
The U.S and its allies formally accusing China of cyberattacks on Microsoft Exchange servers comes as no surprise because it's "indicative of the behavior of the administration in China for many years now," says Cybereason CSO Sam Curry.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the challenges ahead for the new director of the U.S. Cybersecurity and Infrastructure Security Agency and vendor security risk management in the healthcare sector.
In the latest weekly update, a panel of Information Security Media Group editors discusses the repercussions of the Kaseya ransomware incident, the immediate response of the cybersecurity community and key risk management takeaways.
The biggest security gaps emerge as enterprises transition from old to new ways of working. Quentyn Taylor of Canon for Europe and Chandrodaya Prasad of Cisco's Security Business Group are most concerned about the gap between NetOps and DevOps.
CISO Gary Hayslip prides himself on being a mentor to up-and-coming cyber pros. But he also takes leadership roles in two causes that don't get nearly as much attention: stress management and building a more neurodiverse workforce.
It was stealthy, and it was widespread. But perhaps the Kaseya VSA ransomware attack wasn't quite as effective and damaging as initially feared, says Michael Daniel, president and CEO of the Cyber Threat Alliance. He explains where defenses succeeded.
The Kaseya VSA ransomware attack was discussed exhaustively over the Fourth of July holiday weekend. But there's one big question that hasn’t been answered, says Tom Kellermann, head of cybersecurity strategy at VMware Carbon Black: "Who gave REvil the zero-day?"
As organizations prepare a plan for migrating to the Secure Access Service Edge, or SASE, model, they need to carefully assess the need for reorganization of the networking and security departments, says Nat Smith, senior director, security analyst at Gartner, which coined the SASE term.
The FIDO Alliance, which is developing and promoting authentication standards designed to help reduce reliance on passwords, has unveiled user experience guidelines and new FIDO2 standards enhancements, says Andrew Shikiar, executive director.