Whether it's insider or third-party vendor access, organizations are realizing they need to do more with their privileged accounts and systems. But traditional approaches often leave organizations with wide gaps in security. Sam Elliott of Bomgar explains what companies need to look for when it comes to access...
Data broker Equifax has released a revised count of U.K. victims of its massive 2017 data breach, now saying 860,000 residents had their personal details exposed. The data broker is offering its own fraud-monitoring services to breach victims, provided they share their personal details.
Technologists are wrangling with an identity puzzle: Is it possible to create a single digital identity that can be seamlessly and securely used at a bank, a hospital or consumer websites? It's the holy grail of identity. But experts say blockchain is likely not the answer right now.
When building a next-generation cybersecurity operations center, or CSOC, organizations must first understand their attack profile and determine the scope of threat monitoring needed, says Jagdeep Singh, CISO at Rakuten India, an e-commerce company.
A recent incident involving an Indiana hospital that publicly admitted to paying a $55,000 ransom to unlock data following a ransomware attack - despite having backup systems - highlights the need to test data recovery plans.
Virtual currency that's been surging in value, stored in internet-connected banks and virtual "hot wallets": What could go wrong? The answer includes well over $175 million worth of stolen cryptocurrency and attacks that have been tied to North Korea's Lazarus Group.
As a longtime investor in companies offering cybersecurity solutions, Alberto Yépez of Trident Capital Cybersecurity is most concerned by a lack of investment in one key area; replacing aged technologies that are supporting critical infrastructure industries, such as power utilities.
We are amidst a new "machine identity crisis," says Jeff Hudson, CEO of Venafi. And unless we tackle this growing challenge of how to secure machine-to-machine communication, then enterprise IT and security departments are likely to be overwhelmed.
This edition of the ISMG Security Report takes a look at how ready healthcare organizations are for GDPR compliance. Also featured: comments from Alberto Yepez of Trident Capital on the 2018 outlook for information security companies and a summary of the latest financial fraud trends.
The cyber espionage group that executed a campaign against the Democratic Party has been gearing up to attack the U.S. Senate, cybersecurity firm Trend Micro warns. Separately, a Senate report demands that the White House do more to prevent the 2018 and 2020 U.S. elections from being disrupted.
There are roughly 3,000 cybersecurity vendors in the market today, and former FireEye CEO Dave DeWalt says conditions are right for even greater market growth. How does he see the marketplace evolving in 2018?
In a reversal, chipmaker AMD is now warning that its chips are susceptible to the speculative execution flaws in microprocessors known as Spectre, but not to the Meltdown. Separately, Intel has confirmed that its firmware updates have led to stability problems for older Broadwell and Haswell processors.
Following the alert over Meltdown and Spectre vulnerabilities, the U.K. Information Commissioner's Office is warning that failures to patch today could be punished with fines under GDPR once enforcement of the data protection law begins later this year.
Mobile phone retailer Carphone Warehouse has been hit with one of the largest fines ever imposed by Britain's data privacy watchdog after an attacker breached its outdated WordPress installation, exposing 3 million customers' and 1,000 employees' personal details.
Patch or perish to protect against Meltdown and Spectre attacks, and prepare to keep patching as Intel, AMD and ARM, as well as makers of devices running Apple, Google and Windows operating systems, including Apple iOS and Android smartphones and tablets, continue to refine their fixes.