The U.S. National Security Agency has issued "zero trust" guidance aimed at securing critical networks and sensitive data within key federal agencies. The NSA adds it is also assisting Defense Department customers with the zero trust implementations.
Based on real-world experience and research, this whitepaper shares insights into five of the most dangerous and common IaaS configuration mistakes that could expose your public cloud computing environment to a worst-case security scenario. These are:
Early hacked administrative credentials
The report tabulates the responses to the survey and draws conclusions as to how best practices are reflected in observed practices, as well as the influence of cloud computing, the Internet of Things, and other important industry trends. All participants in this research are either involved in the management of their...
Attacks through third parties are even more prevalent, which jeopardizes not only the security of sensitive data, but it also provides attack vectors for hackers to take down critical systems via IoT, unauthorized access, etc. Supply chain systems are an integral part of the oil and gas industry’s survival and bad...
Cybersecurity has long been a
challenge across industries. Now that
most organizations are firmly in the age
of digital transformation, protecting
against threats is increasingly complex
but also crucial to shield against
financial and reputational damage.
With hybrid infrastructures accommodating
This report details seven case studies of attacks that were intercepted and neutralized by cyber defense AI, including insider threat, ransomware, and IoT attacks.
While all threat scenarios were distinct, some fast-moving and others slow and stealthy, in all cases the subtle indicators of suspicious activity were...
To protect today's dynamic workforce, security teams must be equipped to discern when and how a trusted account has been leveraged for nefarious purposes. This requires more than just an understanding of 'good' vs 'bad' - it requires an 'immune system' approach to security that is not only adaptive, but also grounded...
The convergence of IoT and OT provides a unique opportunity for
a stronger and more resilient infrastructure, whilst
increasing flexibility and responsiveness to new situations.
This needs to be well-managed to ensure the systems are
robust and the risks fully managed, and to maintain an
equivalent level of...
A critical component within millions of consumer and enterprise IoT devices has dangerous software flaws. New research from Forescout Technologies into open-source TCP-IP stacks shows millions of devices from 150 vendors are likely vulnerable.
After a federal judge blocked an order that would have banned ByteDance-owned TikTok from operating within the U.S., the Commerce Department vowed to continue to defend the Trump administration's executive order. Additional court hearings over the order are scheduled for later this year.
Ransomware attacks remain the top cyber-enabled threat seen by law enforcement. But phishing, business email compromises and other types of fraud - many now using a COVID-19 theme - also loom large, Europol warns in its latest Internet Organized Crime Threat Assessment.
This report enables a comprehensive, preventative approach to protecting all of the endpoints in your organization, whether office-based or remote. Enabling least privilege and allowing pragmatic application control are often overlooked but are crucial to achieving complete endpoint security.
Download this report...
It's hard to ignore the ubiquity of the internet of things (IoT). Even if you're one of those holdouts that doesn't own consumer IoT devices such as a smart speaker, internet-connected thermostat, or a smart watch, industrial IoT (IIoT) devices - a subset of the IoT landscape - are already playing a part in your daily...
The latest edition of the ISMG Security Report analyzes why ransomware gangs continue to see bigger payoffs from their ransom-paying victims. Also featured: Lessons learned from Twitter hacking response; security flaw in Amazon's Alexa.