To ensure business continuity, companies that support India's critical infrastructure need to validate the functioning of the security controls and other tools deployed to support the remote workforce during the COVID-19 pandemic, says Mumbai-based Shivkumar Pandey, group CISO at the Bombay Stock Exchange.
The Justice Department and several other federal executive branch agencies are asking the Federal Communications Commission to revoke China Telecom (Americas) Corp.'s license to provide international telecommunications services to and from the U.S., citing national security concerns.
The latest edition of the ISMG Security Report discusses the cybersecurity challenges posed by the work-at-home shift. Also featured: Tips from NIST on developing remote worker security policies, plus a discussion of the nascent threat of AI meeting assistants.
Privileged access management is more critical as a result of the shift to telework during the COVID-19 pandemic and the ongoing movement of applications and data to the cloud, says Dr. Yask Sharma, CISO of a large national critical infrastructure organization in India, who outlines essential PAM components.
Washington state was the initial epicenter of the COVID-19 outbreak in the U.S., and Cris Ewell was at the heart of the crisis as CISO of UW Medicine. He shares his insights and lessons learned from supporting caregivers and a remote workforce during the pandemic.
Cybercrime groups and nation-state hacking gangs are continuing to exploit the COVID-19 pandemic to further their aims, U.K. and U.S. security agencies warn in a joint alert. While overall attack levels haven't increased, they say, "the frequency and severity of COVID-19-related cyberattacks" looks set to surge.
The operator of a newly discovered botnet dubbed "Dark Nexus" is offering cybercriminals access to an array of capabilities, include the ability to launch DDoS attacks on demand, according researchers at Bitdefender.
As the COVID-19 outbreak has intensified, so too has cybercrime, including ransomware, Interpol, the international crime-fighting agency, warns. Despite some gangs claiming to no longer be targeting healthcare organizations, experts have seen "no abatement, empathy or free decryptor" from any of them.
When it comes to threat hunting, what are the complementary uses of SIEM and EDR technologies? What are the unique use cases for each, and how can they coexist? Sam Curry of Cybereason shares tips in advance of a virtual roundtable discussion.
A security researcher found 10 flaws within HP's Software Assistant Tool, which is installed across HP's desktop and laptop computers. Bill Demirkapi, who found the flaws, says the software is risky because only seven of the flaws have been patched by HP.
With the COVID-19 pandemic forcing large portions of the workforce to shift to telework, CISOs need to rethink corporate policies on the use of video conferencing platforms and other communications tools, says NIST's Jeff Greene, who offers risk mitigation advice.
Healthcare professionals are on the front line in the war against COVID-19, and cybersecurity leaders bear unique pressure to support and secure their efforts. But amid this crisis, Anahi Santiago, CISO of ChristianaCare, also sees tremendous strides in telehealth delivery.
As CISOs in India scramble to deal with challenges related to the COVID-19 crisis, they're discovering effective strategies. For example, they're adopting the "zero trust" model for the remote workforce and devising ways to deal with the security issues raised by "shadow IT" and "free software."
The stuck-at-home chronicles have fast become surreal, as remote workers face down a killer virus on the one hand and the flattening of their work and personal lives on the other. To help, many have rushed to adopt Zoom. And for many use cases - hint: not national security - it is a perfectly fine option.
Supermarket giant Morrisons is not liable for a data breach caused by a rogue employee, Britain's Supreme Court has ruled, bringing to a close the long-running case - the first in the country to have been filed by data breach victims.