In the latest weekly update, four editors at Information Security Media Group discuss key takeaways from ISMG's recent Government Summit, how hackers siphoned nearly $200 million from cryptocurrency bridge Nomad and how midsized businesses are the new frontier for ransomware.
Data breaches in the healthcare sector cost about $10.1 million - more than double the average cost of breaches across other industries - once again ranking the sector as having the most expensive data breaches, says Limor Kessem, principal consultant of cyber crisis management at IBM Security.
Three ISMG editors discuss important cybersecurity issues, including the sharp rise in Maui ransomware attacks, how the FBI seized cryptocurrency ransom payments worth $500,000 from North Korean attackers and advice for CISOs navigating the great zero trust debate.
The basic foundation of designing a reliable and dynamic cyber resilience program is to have an elaborate incident response plan that can take into account different cyberthreat scenarios and outcomes, says Singapore-based Christophe Barel, who is managing director for Asia-Pacific at FS-ISAC.
With dozens of cybersecurity vendors offering solutions, today's zero trust debate is not about whether to do it but rather how to implement it. Some argue that firewalls and VPNs are dead while others caution against cobbling together new solutions. Experts advise to start small - but start now.
How does a zero trust architecture help reduce the risk of remote access to corporate networks? Ajay Kumar Dubey, channel director at Forcepoint, shares his views on why VPNS are no longer relevant. He also discusses implementing SASE and controlling access to cloud and private apps.
What happens when traditional security methods such as legacy VPNs and firewalls simply aren’t enough to protect employees as they connect to untrusted networks?
Two words that can help prevent unauthorized access and costly breaches as a result. Those words? Zero Trust. A new way of verifying user identities and...
The rapid shift to remote working early in the pandemic and the discovery of serious new flaws such as Log4j have driven criminals to continue probing "what's vulnerable, and how to exploit it," says Casey Ellis, CTO and founder of Bugcrowd. Here's how he recommends organizations respond.
Anneka Gupta, chief product officer at Rubrik, discusses embedding zero trust principles into how the security company provides data resilience, data observability and data recovery for organizations. She also describes the "software-first" approach of building immutability directly into software.
The Biden executive order on cybersecurity was a catalyst for action, with tight delivery times for steps including promotion of SBOMs and zero trust. The cyber-physical nexus and expanding threat surface mean it's not easy to maintain vigilance, but recognizing that is the first step.
The latest edition of the ISMG Security Report describes why firewalls and VPNs don't belong in Zero Trust design. It also discusses cybercriminals' evolving ransomware tactics and the devastating price of responding to a ransomware attack, as experienced by Travelex in 2019.
Discover how you can accelerate digital transformation and master your remote security strategy with the Gartner® Market Guide for ZTNA. Dive into the benefits, recommendations and new key findings in a detailed market analysis.
Read the guide today and learn:
How to Evaluate ZTNA Offerings
The Critical Role...
Four ISMG editors discuss important cybersecurity issues, including how Canada's Desjardins Group settled a data breach lawsuit for $155 million, how Facebook is being sued after allegedly violating patient privacy, and highlights from ISMG's Northeast Summit held in New York this week.
Tired of keeping track of passwords? Recent announcements by major platform vendors Google, Apple and Microsoft could have passwords down for the count in the next six years, says Andrew Shikiar, executive director of the FIDO Alliance, which has been on a 10-year mission to eliminate passwords.
What are the implications of security regulations that have made it a legal requirement that only secure and authenticated code should run IoT devices?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.