Ransomware and nation-state threats are daunting. But the one that concerns Mustapha Kebbeh the most? Supply-chain risk. The Brinks CISO discusses how he has tackled this, as well as the challenges of tool complexity and peer collaboration.
How many ways do U.S. businesses need to be told to lock down their systems to safeguard themselves from ransomware? That's the focus of a new, joint cybersecurity advisory from the U.S. government pertaining to BlackMatter, following an advisory issued last month about Conti.
The World Economic Forum’s 2020 Global Risk Report ranked cyberattacks causing disruption to operations and critical infrastructure among the top five increasing global risks. Accenture estimates that the number of cyberattacks has gone up by 67% in the last five years.
The increasing digital connectivity of...
To reduce risk, security and risk management leaders should eliminate IT and OT silos by creating a single digital security and risk management function. This function should report into IT but should have responsibility for all IT and OT security.
Integrating operational technology (OT) threat monitoring into...
Ransomware threats are now a board-level topic of conversation. All organizations with OT systems need to understand how these attacks are conducted and how to defend against them.
A key industry trend is that vulnerabilities solely affecting the Critical Manufacturing sector rose by 148%. This poses an additional...
The OT security world continues to change to meet new challenges and threats. The 2021 SANS OT/ICS Cybersecurity survey explores how OT defenders across all industries are meeting these challenges and looks to areas where new emphasis can be placed to defend our critical infrastructure as we move forward.
In this update, four editors discuss key cybersecurity issues, including addressing the complexity of security, the rising number of victims targeted by double extortion ransomware and the Information Commissioner's Office's recent consultation on creating an international data transfer agreement.
John O'Driscoll is the first CISO for the Australian state of Victoria, a job that has purview over 1,900 entities with 340,000 public servants. He's an expert in risk and audit, and that has subsequently led to interesting conversations about who is accountable for risk and how to manage risk.
The breach of text message routing giant Syniverse revealed yet another supply chain attack involving a key supplier, exacerbated by outdated communications protocols desperately in need of a security revamp and better incentives for improvement, says mobile telephony security expert Karsten Nohl.
A flurry of hacking incidents and other recent breach developments highlight the cyberthreats and risks facing fertility healthcare and other related specialty providers that handle sensitive patient information.
Managing the balance between business innovation and operational needs with enhanced cybersecurity risk management is creating a global ‘talent crunch.’ The scarcity of highly skilled cybersecurity resources, along with organizations looking to leverage Zero Trust, implement least privilege and just-in-time...
In an effort to bolster endpoint protection within the U.S. government, the White House is ordering federal agencies to allow CISA to access existing deployments. It is also setting timelines for improving the protection of workstations, mobile phones and servers.
The Central Electricity Authority has released a new set of cybersecurity guidelines for the power sector, aimed at securing OT systems and building a resilient security framework. It mandates, among other things, that all power sector companies appoint a dedicated CISO to secure systems.
Criminal hackers don't break for lunches, weekends or holidays. Of course, that's just one of many challenges facing information security teams, as they attempt to maximize visibility and minimize complexity while protecting their business around the clock, says Peter Van Lierde, the CISO of energy firm Sibelga.