An attack spoofed internet routing information, resulting in anyone who visited MyEtherWallet.com - a free, open source web app for storing and sending ether-based tokens - instead being routed to an attacker-controlled site, leading to an estimated $320,000 in losses.
The city of Atlanta's ransomware outbreak cleanup and response tab has hit $2.6 million after a March attack froze corporate servers, employees' PCs and resident-facing portals. Some security experts say the breach response funds would have been put to better use preventing the outbreak in the first place.
One measure of why it's so difficult for organizations to keep their software patched and better secured: Of the nearly 20,000 unique vulnerabilities in 2,000 products cataloged last year, only half involved Microsoft, Adobe, Java, Chrome or Firefox software, says Flexera's Alejandro Lavie.
What can be done to address the shortage of personnel to fill the ever-expanding roster of cybersecurity jobs - from entry-level positions through the CISO role? (ISC)2's John McCumber describes organizational and governmental efforts to lower barriers to entry and build tomorrow's workforce.
For years, Dawn Cappelli studied and wrote about the insider threat. Then she went to Rockwell Automation and built an insider program. She discusses the program's success and her expanded role as vice president and CISO.
The average tenure of a CISO can be brief - especially in the wake of a breach. What should security leaders do from day one to get a good handle on the job? Joel de la Garza, CISO of Box, offers career advice.
As corporate information silos fall, traditional approaches to governance, risk and compliance are giving way to the new category of integrated risk management solutions. Vivek Shivananda, CEO of Rsam, discusses the evolution.
"Digital transformation" is the theme of the year, but it comes with specific cybersecurity challenges - and they put a new burden squarely on the shoulders of the CISO, says Fortinet's Jonathan Nguyen-Duy.
Enterprise security leaders need to embrace a new "culture of security," says Mordecai Rosen of CA Technologies. But how does he define that, and what role does automation play in enabling it?
We have been talking about the cybersecurity skills gap for a decade, but the pain is truly being felt now as businesses churn out new apps with insufficient security, says WhiteHat Security's Craig Hinkley. What is machine learning's role?
To effectively understand the impact of security programs and communicate changes to key decision makers, companies need tools such as security ratings that provide a quantifiable, objective view of cybersecurity performance over time.
Register for this webinar to learn about:
The importance of using security...
When it comes to building an effective cybersecurity team, it isn't just about acquiring the right technology and business skills, says LinkedIn CISO Cory Scott. It's also about obtaining the right people who have defined their own personal narrative.
Are you interested in how your peers are dealing with increased breaches, vulnerabilities and encrypted traffic?
Download this report and learn:
How to reduce incident response times and dependency on skilled security personnel;
Key insights into the cyberthreat landscape;
How other security pros are protecting...
At its core, HIPAA compliance is simply about maintaining patient privacy by ensuring the appropriate access to and use of patient data by your users. Electronic Health Record (EHR) solutions provide detail around when patient data is accessed, but without visibility into what users do with sensitive patient data...
While CISOs in India are fighting off threats from technologically adept cyberattackers, they are also grappling with the challenge of effectively communicating cyber risk to management in the business terms that they can understand, says K.K. Mookhey, founder of Mumbai-based NII consulting.
