The mass migration to cloud has only added to the global cybersecurity gap, and John Yeoh, global vice president of research at the Cloud Security Alliance is among those calling for greater "diversity by design" as enterprises look to fill these roles.
Welcome to RSA Conference 2021. By virtue of being virtual, we've brought our entire global team to bear on gathering the very latest cybersecurity trends, technologies and takeaways from our industry's leading thinkers via ISMG's largest and most diverse set of video interviews to date.
For anyone wondering how the Russian-speaking, ransomware-wielding DarkSide crime syndicate was able to disrupt a major U.S. fuel pipeline, a more pertinent question might be: Why didn’t it happen sooner?
Attackers are increasingly using malicious OAuth 2.0 applications to siphon data and access sensitive information from cloud platforms, and mitigating the risks is proving challenging, according to the security firm Proofpoint.
Almost every organization has adopted cloud computing to some extent, and with this great power comes great responsibility. How are cybersecurity leaders managing visibility, access and risk? We asked this exclusive panel of CEOs and CISOs, and they shared frank and thoughtful advice.
Private equity firm Thoma Bravo on Monday announced it had signed a definitive agreement to acquire the cybersecurity and compliance firm Proofpoint in a $12.3 billion all-cash deal.
Does the West want to have its digital existence defined by adversaries, or is it ready to devote the time, resources, expertise and planning required to more fully take control of its evolving destiny? That's the techno-Darwinian call to arms issued by Jeremy Fleming, the director of Britain's GCHQ intelligence...
Rapid7 has acquired Velociraptor, an open-source endpoint-monitoring organization and community that will continue to operate as a stand-alone entity while the security firm adopts some of its technology. Meanwhile, Zscaler had announced a deal to buy Trustdome.
Interpol says Dutch and Nigerian suspects created a cloned version of a legitimate personal protective equipment provider's website to trick a German health authority seeking face masks. The case is a reminder that a "sophisticated" scheme need not require extreme technical sophistication to succeed.
Facebook has been attempting to dismiss the appearance of a massive trove of user data by claiming it wasn't hacked, but scraped. No matter how the theft is characterized, 533 million users have just learned that their nonpublic profile details were stolen and sold to fraudsters.
Crisis communications: If your organization suffers a ransomware outbreak - despite its best cybersecurity efforts - is it ready to respond quickly and transparently? Experts have lauded the Scottish Environment Protection Agency for its response, saying it's a model for other victims to emulate.
Security practitioners often tread a fine and not entirely well-defined legal line in collecting current and meaningful research. This research can also pose ethical questions when commercial sources for stolen data fall into a gray area.
The zero-day attacks against Accellion's File Transfer Appliance show that a number of big-name firms continued to use the legacy technology - even though more secure, cloud-based options were available. Evidently, many CISOs didn't see a compelling reason to move on. Of course, now they do.
What happens when an e-commerce retailer sends customers a data breach notification email with a subject line that reads "strictly private and confidential"? "Clearly trying to make people stay quiet," responded one unamused Fat Face customer. Others report being none the wiser as to what risks they now face.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.