The latest edition of the ISMG Security Report discusses the recent ransomware attack on aluminum giant, Norsk Hydro. Plus, confessions of a former LulzSec and Anonymous hacktivist, and the growing problem of cyber extortion.
In light of concerns raised about the security of electronic voting machines in India, Dr. Alok Shukla, former deputy election commissioner, says it's nearly impossible for a hacker to tamper with the chips in an EMV in an attempt to alter the vote tally.
The latest edition of the ISMG Security Report features a discussion of the role of "prosilience" in IoT security, plus the problem of overnotification under GDPR and the notion of "Spartacus as a Service."
To enable digital transformation, security practitioners need to shift away from a traditional network-based security focus and instead develop a security policy that meets users' business requirements, says Scott Robertson, vice president, Asia Pacific and Japan, at Zscaler.
Identity and access management is more complicated when organizations rely on a cloud infrastructure, says Brandon Swafford, CISO at Waterbury, Connecticut-based Webster Bank, who describes the challenges in an interview.
How can the many job openings for cybersecurity specialists be filled? "Reskilling" can play a critical role, says Greg Touhill, the nation's first federal CISO, who's now president of Cyxtera Technologies. In an interview, he offers a preview of his upcoming presentation at the RSA Conference 2019.
The latest edition of the ISMG Security Report describes vulnerabilities found in popular password generator apps. Plus, the evolution of blockchain as a utility and a new decryptor for GandCrab ransomware.
As the use of artificial intelligence tools and robotics continues to grow, it's crucial for organizations to assess the potential security risks posed, says attorney Stephen Wu, who reviews key issues in an interview.
The latest edition of the ISMG Security Report highlights how thieves can use "deep fake" photos in an attempt to steal cryptocurrency. Also featured: A discussion of the implications of "data gravity" and an analysis of whether the era of mega-breaches is ending.
The 2019 RSA Conference offers an opportunity to learn about new concepts across all aspects of cybersecurity. One such area is "data gravity," which will be the topic of a session featuring Microsoft's Diana Kelley and Sian John. They discuss the concept in a joint interview.
The good news for security leaders: Because of SSL/TLS, nearly every bit of web data in transit is now encrypted. The bad news: Threat actors are now masking their attacks inside of encrypted traffic. Kevin Stewart of F5 Networks explains why network visibility is not enough to detect these attacks.
Security practitioners looking to deploy blockchain in their network to support authentication must look for an application that can be implemented easily and effectively, says Prasanna Lohar, head of IT at DCB Bank.