Ransomware and nation-state threats are daunting. But the one that concerns Mustapha Kebbeh the most? Supply-chain risk. The Brinks CISO discusses how he has tackled this, as well as the challenges of tool complexity and peer collaboration.
To mark Cybersecurity Awareness Month, the National Cyber Security Alliance and U.K. based behavioral science and data analytics company, CybSafe, have released their Annual Cybersecurity Attitudes and Behaviors Report 2021, which uncovers key trends, behaviors and habits among tech users.
A spate of ransomware incidents affecting the education sector has led to the loss of student coursework, financial records and data relating to COVID-19 testing. Matthew Trump, senior IT security officer for the University of London, U.K., outlines incident response strategies.
How many ways do U.S. businesses need to be told to lock down their systems to safeguard themselves from ransomware? That's the focus of a new, joint cybersecurity advisory from the U.S. government pertaining to BlackMatter, following an advisory issued last month about Conti.
Accenture says an online attack against it that it first disclosed in August resulted in "the extraction of proprietary information by a third party, some of which was made available to the public by the third party." The LockBit 2.0 ransomware operation has taken credit for the attack and dumping data.
A data breach affecting MakerBot's Thingiverse 3D printing repository website is far bigger than what the company has acknowledged, a former employee claims. Upwards of 2 million users may have been affected by the breach, which left their 3D printers at risk of being hijacked.
To reduce risk, security and risk management leaders should eliminate IT and OT silos by creating a single digital security and risk management function. This function should report into IT but should have responsibility for all IT and OT security.
Integrating operational technology (OT) threat monitoring into...
Ransomware threats are now a board-level topic of conversation. All organizations with OT systems need to understand how these attacks are conducted and how to defend against them.
A key industry trend is that vulnerabilities solely affecting the Critical Manufacturing sector rose by 148%. This poses an additional...
The OT security world continues to change to meet new challenges and threats. The 2021 SANS OT/ICS Cybersecurity survey explores how OT defenders across all industries are meeting these challenges and looks to areas where new emphasis can be placed to defend our critical infrastructure as we move forward.
In this update, four editors discuss key cybersecurity issues, including addressing the complexity of security, the rising number of victims targeted by double extortion ransomware and the Information Commissioner's Office's recent consultation on creating an international data transfer agreement.
The latest edition of the ISMG Security Report features an analysis of attempts made by European law enforcement to encourage young cybercriminals to channel their skills in more ethical ways. Also featured: Fraud detection and response; inspiring behavioral change.
The breach of text message routing giant Syniverse revealed yet another supply chain attack involving a key supplier, exacerbated by outdated communications protocols desperately in need of a security revamp and better incentives for improvement, says mobile telephony security expert Karsten Nohl.
Dutch cybercrime police have a message for almost 30 users of an on-demand distributed denial-of-service site: We see what you're doing; now cut it out or we're going to arrest you. And not for the first time, the move shows police in Europe emphasizing ethical hacking pursuits instead for young adults.
In an effort to bolster endpoint protection within the U.S. government, the White House is ordering federal agencies to allow CISA to access existing deployments. It is also setting timelines for improving the protection of workstations, mobile phones and servers.
One measure of the damage being done by ransomware groups continues to be how many victims get listed on ransomware operators' dedicated data leak sites, as part of their so-called double extortion tactics. Unfortunately, the number of victims doesn't appear to be declining.