A Deloitte survey has revealed that more than 90% of C-level executives slate less than 10% of their cybersecurity budgets to digital transformation projects.This large gap between budgets and technologies creates a cyber vulnerability, where the newest and least understood digital systems are potentially unmonitored...
Following the discovery that attackers Trojanized SolarWinds' Orion software, expect the list of organizations that were running the backdoored network-monitoring tool to keep increasing. But with this being a suspected cyberespionage operation, attackers likely focused on only the juiciest targets.
Five U.S. government agencies have been hit so far via a sophisticated supply chain attack. The intrusions appear linked to subverted software updates for SolarWinds' Orion network monitoring product, which is widely used by businesses and the U.S. government.
The average number of parties with whom an enterprise shares sensitive information is 583, according to the Ponemon Institute.View this webinar to learn about the breadth and implication of third-party data leaks.
Critical authentication vulnerabilities contained in certain GE Healthcare medical imaging products could allow attackers to gain access to sensitive patient data, alter data and affect the availability of the equipment, according to new advisories from the vendor and the U.S. Department of Homeland Security.
Are insurers getting cold feet over covering losses to ransomware? With claims due to ransomware skyrocketing, some insurers have reportedly been revising offerings to make it tougher for companies to claim for some types of cybercrime, including extortion.
As the time for distribution of COVID-19 vaccines comes closer, law enforcement agencies across the world are warning of organized crime threats, including schemes to sell counterfeit vaccines on the dark web, as well as physical and virtual attacks targeting supply chain companies.
It's understood: Ongoing monitoring of third party relationships is mission-critical. But what constitutes ongoing monitoring? Who should own it? Who should do it? Todd Boehler of ProcessUnity addresses these questions and more.
With over 85,000 third parties ingested and nearly 4,000 third parties assessed, CyberGRX is using this important data to inform the industry and organizations around the world of third-party risk insights and trends.
This white paper gives invaluable insight into topics such as:
Which industries are the most...
Based on the threats and tactics unleashed in 2020, cybersecurity promises to be a top-of-mind business risk for the next president to manage. Bill Swearingen of IronNet Cybersecurity reflects on a virtual roundtable discussion about what to expect over the next four years.
Glen Hymers, CISO and head of data protection at the U.K.-based charity Save the Children International, says adapting to a cloud-first environment requires extensive security measures, including automated monitoring.
This year's pandemic accelerated digital transformation throughout the business world, particularly the healthcare sector. Security leaders and their teams have had to support rapidly changing infrastructures and expanding attack surfaces, as well as introduce new technologies across the healthcare supply chain. But...
IoT devices are like sausages: They're full of components of varying quality, and it's invariably disturbing to think about their origins. New guidance helps address how to reduce the risk of potentially vulnerable components in connected devices.