Today's attack surface presents a growing challenge to CISOs looking to understand and reduce their cyber risk. When it comes to IT infrastructure, it's fair to say the perimeter has left the premises. Whether it's discovering short-lived assets (e.g., containers), assessing cloud environments or maintaining web...
How Susceptible are Users to Active Threats?
With phishing still the #1 entry point for cyber-attacks, your defenses need to focus on the most pressing threats: active phishing campaigns that are probing your healthcare organization.
This report breaks down the Top 10 threats, with metrics showing how well users...
For too many organisations, software vulnerability management is just about "patch Tuesday." Vulnerability management has evolved significantly in the past few years. Organisations need to adopt a new strategy focusing on visibility, prioritised response, and mitigation.
When you look back at the wave of...
Unused or unmonitored SSH keys grant alarming levels of privileged access beyond users, proliferating into your machine-to-machine communications and services. Learn how securing your SSH inventory beyond your PAM solution helps compliance with NIST, FISMA, and CDM along with five steps you can take today to...
In a recent Ponemon survey on cyber resilience, respondents reported that both the time to respond to attacks and the severity of the attacks have increased. They also reported that the number one barrier to cyber resilience is the "lack of investment in new cybersecurity technologies, including artificial...
A key amendment to Canada's Personal Information Protection and Electronic Documents Act goes into effect on Nov. 1. What are the baseline standards for compliance, and how does this change impact risk transfer and mitigation?
While PIPEDA is not a new law and been on the books for a long time, what is coming is...
This survey report reveals that for many organizations, threat hunting is still new and poorly defined from a process and organizational standpoint. Most are still reacting to alerts and incidents instead of proactively seeking out the threats.
While the act of threat hunting cannot be fully automated, it heavily...
Like it or not, good grades matter. As organizations become increasingly focused on benchmarking internal groups for their ability to run efficiently and add business value, cybersecurity teams must be positioned to measure their programs' effectiveness and sophistication against industry standards.
In this second...
A new era of cyber threats has dawned. Ransomware has advanced significantly and is now capable of taking out infrastructure and operations across the globe, weaponizing known vulnerabilities such as EternalBlue and crippling businesses for months or more. WannaCry marked the start of these techniques and was one of...
At three of the world's largest information security events in 2018, Information Security Media Group's team of editors conducted about 200 video interviews with industry thought leaders, who provided timely insights on important topics. Here's your guide to those interviews.
To comply with GDPR, Facebook has notified Ireland's data privacy watchdog about the massive breach it has suffered, resulting in 50 million accounts being exposed. But Irish authorities have signaled that Facebook has failed to share all of the information they would have expected to see.
Businesses MUST address the proliferation of mobile devices in the workplace, whether authorized or not. For every laptop, there is a mobile phone, literally doubling the attack surface for hackers to breach your business and cause harm to you and/or your customers. While protection for traditional devices has long...
The workplace is transforming, and keeping up with evolving security threats has become more critical and challenging than ever. Malware
attacks come from all directions with an overwhelming majority of successful breaches beginning at the endpoint. This means that having a
comprehensive endpoint management solution...
Leading the latest edition of the ISMG Security Report: The reaction to the recently released White House cybersecurity strategy. Also featured: A discussion of GDPR's impact on class action lawsuits.
Smartphone cameras and microphones act as the eyes and ears of the digital age, capable of capturing the smallest audio and visual details in high-definition clarity. Unfortunately, threat actors have demonstrated the ability to hijack these smartphone components, using them to gain valuable insights about targeted...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing gdpr.inforisktoday.com, you agree to our use of cookies.