It's not enough for medical device makers to provide a software bill of materials - there also needs to be close attention paid to how vulnerabilities in components are communicated and managed, says medical device security expert Ken Hoyme.
Halborn raised $90 million to expand its audit and penetration testing services and more effectively safeguard the crypto industry. The proceeds will bolster its protection for cryptocurrency lending protocols and better defend the money flowing into and out of the cryptocurrency ecosystem.
Business email compromise (BEC) is when threat actors use email fraud to attack organizations, deceiving people into doing something they believe is helping the company. To request funds from victims, BEC threat actors conduct a variety of scams impersonating coworkers, vendors, or customers.
Despite the...
Business email compromise (BEC) is when threat actors use email fraud to attack organizations, deceiving people into doing something they believe is helping the company. To request funds from victims, BEC threat actors conduct a variety of scams impersonating coworkers, vendors, or customers.
Despite the...
The Food and Drug Administration on Thursday issued revamped draft guidance providing updated and detailed recommendations for how medical device makers should address cybersecurity risk in the premarket of their products, especially as the threat landscape continues to evolve.
The integration of third-party components and software is an increasingly critical area of security risk that needs more attention from medical device manufacturers, says Anura Fernando, global head of medical device security at safety certification firm UL.
The bad guys are out there, watching and waiting for an opportunity to strike. They are gathering information about your organisation and users, devising the perfect plan to infiltrate your defences. What if you could see your organisation through the eyes of an attacker?
Attend this webinar to learn:
The...
The year is ending with a cybersecurity bang - not whimper - due to the widespread prevalence of the Apache Log4j vulnerability. Researchers warn that at least 40% of corporate networks have been targeted by attackers seeking to exploit the flaw. More than 250 vendors have already issued security advisories.
Hellman Worldwide Logistics, one of the world's biggest logistics and shipping firms, is warning that its operations remain disrupted following an online attack of unspecified nature. The attack comes amid a busy season for e-commerce and shipping, with supply lines already stretched thin, experts say.
Applications aren't the only iterative processes that today's developers have to contend with. Security has become of prime importance to organisations and their end users, with some teams finding that they're having to wrestle between speed and security to get the job done. It doesn't have to be this way. In this...
Discover how ABN Amro built a self-service threat modeling process for DevOps and scaled secure design across its organisation. ABN Amro reached out to IriusRisk as they embarked on a major digital transformation program - Project Apollo - moving from their private data centers to the cloud - which would affect 500+...
The fundamental basis of threat modeling is identifying, communicating and managing security weaknesses. The key principle underpinning threat modeling is “secure design” which means in practice addressing design flaws. Ideally threat modeling activities will take place from the inception of the project at the...
The banking and finance sector is changing. While digital transformation brings opportunities, it also brings challenges around cybersecurity and data protection. Threat modeling meets these challenges, providing fast, scalable security and risk analysis, tailored to your business' unique needs.
This ebook...
In ransomware attacks, cybercriminals attack through the backups because they know that security practitioners rely on backups to save themselves after a ransomware attack. Therefore, it is essential to have multiple backups, says Tom Kellermann, head of cybersecurity strategy at VMware.
Criminal hackers don't break for lunches, weekends or holidays. Of course, that's just one of many challenges facing information security teams, as they attempt to maximize visibility and minimize complexity while protecting their business around the clock, says Peter Van Lierde, the CISO of energy firm Sibelga.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.