Organizations that want to ensure they have a solid cybersecurity strategy must ensure they rigorously pursue best practices, monitor their infrastructure, eliminate vulnerabilities as well as prepare for the worst, says Andrew Gogarty of Secon Cyber.
Defending organizations against attackers is more challenging than ever. "The complexity and sophistication of the threats has increased," says Cisco's Mark Weir. "What we're seeing a lot of at the moment as well is intellectual property theft."
With the volume of data breaches and cyberattacks continuing to rise, organizations are increasingly relying on breach and attack simulation tools to provide more consistent and automated validation of controls, says Cymulate's Tim Ager.
The annual Infosecurity Europe conference this year returned to London. Here are visual highlights from the event, which featured over 240 sessions and more than 400 exhibitors, 19,500 attendees and keynotes covering data breaches, darknets, new regulations and more.
Singapore's Personal Data Protection Commission is seeking feedback on the government's plan to amend the Personal Data Protection Act to create a tough breach notification mandate. In the meantime, the PDPC has issued data breach management guidelines to help organizations prepare for the new requirements.
Not all that crashes has been hacked. To wit, this past weekend there were multiple major outages, including much of Argentina and Uruguay going dark, as well as U.S. retailer Target's system problems leaving customers unable to pay for goods. But none of these outages were due to cyberattacks.
Data breaches, incident response and complying with the burgeoning number of regulations that have an information security impact were among the top themes at this year's Infosecurity Europe conference in London. Here are 10 of the top takeaways from the conference's keynote sessions.
Hacking and extortion attempts against organizations have unfortunately become all too commonplace these days. On Tuesday, an unlikely victim went public: the British band Radiohead. But was the band really a hacking and extortion victim?
Online invitation site Evite has been hacked and information on an unspecified number of users stolen. In a data minimization fail, the breach apparently dates from earlier this year, but it's been tied to "an inactive data storage file associated with Evite user accounts" from before 2014.
Cybersecurity is a priority for the second term of Prime Minister Narendra Modi. As he completed his cabinet ministry appointments, he instructed the ministers to take up initiatives that can help build a cyber-resilient nation.
A third medical lab test firm - BioReference Laboratories - has acknowledged that it's a victim of the data breach at American Medical Collection Agency, which may have exposed data on more than 20 million patients. Meanwhile, at least four state attorneys general are now investigating the breach.
Large global organizations should have in-house forensic capabilities so they have a clear understanding of internal infrastructure and related vulnerabilities, says Sridhar Sidhu of Wells Fargo-India.
How big will the American Medical Collection Agency data breach get? LabCorp has now revealed that data on 7.7 million of the patients it serves was potentially compromised in the breach. Earlier, Quest Diagnostics said nearly 12 million of its clients were affected. Two U.S. senators are demanding answers.
Many corporate boards of directors in India have made progress in recognizing cybersecurity as a priority. But clearly, they still have a lot of work to do. Panelists at a recent ISMG summit in Bengaluru offer insights.
Australian National University has detected a data breach that resulted in the copying of "significant amounts" of staff and student data stretching back 19 years. The intrusion began in late 2018 and was detected on May 17.