COVID-19 Resource Center: Latest News and Insights on the Novel Coronavirus and Cybersecurity Response

The COVID-19 pandemic has changed how we all live and work, creating the largest remote workforce in history. Never have topics such as identity and access management, device security and business resiliency been more critical. Use this COVID-19 Resource Center for the latest updates and opinions on the virus, its influence on the threat landscape and how global organisations can improve response.

What to Do Based on 2022: Expert Analysis of TPSRM Survey

Tony Morbin • September 21, 2022

From SolarWinds to Kaseya, Accellion, Log4j and Okta, third-party security breaches are among the most devastating for organizations affected. Tony Morbin of ISMG dives into the story behind the results of a global survey with Demi Ben-Ari, the co-founder, CTO and head of security at Panorays.

Governance & Risk Management

The Value of Digital Transformation

Latest

Endpoint Security

Netskope Expands Into Cloud Networking With Infiot Purchase

Michael Novinson • August 2, 2022

With its acquisition of Infiot, Netskope now carries both the networking and security technology needed to build a Secure Access Service Edge architecture following. The acquisition of Infiot's platform will allow Netskope customers to address both traditional and emerging SD-WAN use cases.

Endpoint Security

iPad Theft Is Reminder That Devices Still Cause PHI Breaches

Marianne Kolbasuk McGee • July 27, 2022

While reports of big health data compromises involving unencrypted computers have been sinking for years, the recent theft of an iPad from a locked storage room - along with the tablet's password - is a reminder that mobile device mishaps can lead to breaches affecting tens of thousands of patients.

Endpoint Security

Profiles in Leadership: Sean Mack

Mathew J. Schwartz • July 25, 2022

Exploring new ways to offer security as a service from his organization to external customers is an exciting challenge and opportunity, says Sean Mack, CIO and CISO of publishing company Wiley. He also discusses aligning security investments with the company's biggest business risks and goals.

Endpoint Security

RSA Conference 2022 Compendium: 150+ Interviews and More

Information Security Media Group • July 5, 2022

Welcome to ISMG's compendium of RSA Conference 2022. The 31st annual conference covered a wide range of topics including cybercrime, cyberwarfare, zero trust, supply chain risk, ransomware, OT security, cyber insurance and jobs. Access 150+ interviews with the top speakers and influencers.

Fraud Management & Cybercrime

Twilio and Mailchimp Breaches Tie to Massive Phishing Effort

Mathew J. Schwartz • August 25, 2022

An ongoing phishing campaign has compromised Twilio, Mailchimp and about 130 other organizations by using a lookalike Okta login page to trick employees into divulging their password and multi-factor authentication code. Researchers have traced the attacks to a 22-year-old suspect in North Carolina.

Fraud Management & Cybercrime

How COVID-19 Keeps Fueling New Security, Privacy Threats

Marianne Kolbasuk McGee • August 25, 2022

The ongoing COVID-19 pandemic continues to fuel new opportunities for cybercriminals, malicious insiders and other adversaries who are posing new security threats to the privacy of patient health data, says attorney Erik Weinick of law firm Otterbourg P.C.

Fraud Management & Cybercrime

Evolving Ransomware Threats on Healthcare

Adam Mansour • August 22, 2022

While healthcare as an industry is being most targeted by ransomware, health or medical clinics are by far the hardest hit.

Fraud Management & Cybercrime

How Are Ransomware Groups' Shakedown Tactics Evolving?

Anna Delaney • August 18, 2022

The latest edition of the ISMG Security Report discusses how ransomware groups continue to refine their shakedown tactics and monetization models, highlights from this year's Black Hat conference and why helping those below the "InfoSec poverty line" matters to businesses.

Security Operations

Lack of Access Management Is Causing Data Breaches

Isa Jones • August 18, 2022

The costs of hacks are rising, the amount of ransomware is rising, and the number of organizations that have been breached will also rise unless organizations take action.

Next-Generation Technologies & Secure Development

How Code Hardening Enables Mobile App Developers to Meet OWASP MASVS Recommendations

Guardsquare • August 17, 2022

Why have attacks from rogue mobile apps grown by 49% in Q3?

Training & Security Leadership

Profiles in Leadership: Bruce Phillips

Tom Field • August 11, 2022

As CISO of West, a Williston Financial Group company, Bruce Phillips recognizes that cybersecurity is not the enterprise's core business. But what, then, is the right level of cybersecurity to bring to a nonsecurity business? He discusses this and other leadership challenges.

Fraud Management & Cybercrime

Krebs to Vendors at Black Hat: No More 'Band-Aid' Approach

Michael Novinson • August 11, 2022

Black Hat USA 2022 opened with somber warnings from Chris Krebs about why application developers, vendors and the government need to solve major industry challenges. Key security executives also discussed DNS visibility, cloud security, patch management, APT strategies and supply chain woes.