Automated change workflow is essential for any enterprise or government IT organization. A typical organization may receive hundreds of changes required each month with every request requiring hours of manual analysis to assess the potential impact to business continuity and security.
A flaw in the way a change is...
As internet of things devices become increasingly common in the enterprise, CISOs must lead the way in making sure emerging security issues, including a higher risk of distributed denial-of-service attacks, are adequately addressed, says John Pescatore of the SANS Institute, which offers training for CISOs and others.
For organizations that are embracing cloud and virtualized environments, three common-sense steps are proving to be key for providing the visibility and control needed to maximize security across modern IT environments.
Download this eBook to learn how you can implement these steps in your organization.
Information security and risk management teams are frequently asked to update their Board of Directors with the cybersecurity posture of both their company and their vendors. Gartner estimates that by 2020, 75% of Fortune 500 companies will treat vendor risk management as a Board-level initiative to mitigate brand and...
After suffering one of the worst data breaches in history, in which 145.5 million U.S. consumers' personal details were stolen, credit bureau Equifax has hired Jamil Farshchi to serve as its new CISO. Farshchi joins from Home Depot, which hired him after suffering a massive data breach.
Hackers crashed the Winter Olympics, apparently by using destructive malware dubbed "Olympic Destroyer." The attack resulted in the Pyeonchang 2018 website being offline for 12 hours and WiFi unavailable during the opening ceremony, but organizers say no competitions were disrupted.
Leading the latest edition of the ISMG Security Report: England's Court of Appeal rejects U.S. extradition request for suspected hacker Laurie Love. Also, what took Uber and Partners Health so long to come clean about their respective data breaches?
A Canadian museum had multiple points of possible infiltration to protect: employees with memory sticks, phishing attacks, visitors and contractors connecting to Wi-Fi, and exhibit computers. Additionally, the museum had prevented ransomware attacks in the past, but needed to increase its level of protection.
Apple and Cisco say they've partnered with insurers Aon and Allianz to offer cyber insurance policies for organizations that meet best security practices and use products from the technology companies. The partnership follows increasing interest in cyber insurance as a hedge against hacking risks.
The reality of just being able to know what's in the environment is to know where organisations are vulnerable so they can then take the right approaches to addressing it.
A frustrating factor with WannaCry is that it leveraged a known vulnerability, one that had been disclosed for over a month. The patch had...
As a long-time security leader, Qualys CISO Mark Butler has watched the evolution of security tools and platforms. The best-of-breed approach still has value, but also has failed us, he says. How can automation and orchestration provide new business value?
This monthly Security Agenda will highlight some of the most recent additions to our course library. This month's edition features Christiana Care's Anahi Santiago on 2018 risk management priorities. Another influencer, Lewin and Associates' Dr. Jack Lewin discusses the latest medical device security threats. This...
Deception technology can play an important role in intrusion detection because it can help track lateral movements of intruders, says Felix Mohan, CEO at CISO Cybersecurity, who clears up some myths about the technology.
Organizations in the Middle East and Central Asia are beginning to respond to the nuances of the evolving threat landscape in the region, says Tata Communication' Avinash Prasad in this exclusive interview.