COVID-19 Resource Center: Latest News and Insights on the Novel Coronavirus and Cybersecurity Response

The COVID-19 pandemic has changed how we all live and work, creating the largest remote workforce in history. Never have topics such as identity and access management, device security and business resiliency been more critical. Use this COVID-19 Resource Center for the latest updates and opinions on the virus, its influence on the threat landscape and how global organisations can improve response.

Spotting and Stopping Synthetic ID Fraud

Tom Field • October 27, 2022

Synthetic identity fraud is the fastest-growing financial crime in the country. By combining real and fabricated personal information, a synthetic identity is specifically designed to look and act like a valid identity - until it doesn’t, leaving financial losses and criminal activity in its wake.

Email Threat Protection

Hybrid Cloud Changes the Game for Security

Latest

Governance & Risk Management

SMBs! Forget Retainer-based Security Assessments: Demand Funded POCs

Adam Mansour • September 8, 2022

A new delivery model is surfacing for various assessment services - one that is going to be bad for SMBs, whose options were already limited.

Fraud Management & Cybercrime

Mastercard CSO on Partnerships and Workforce Development

Tom Field • September 3, 2022

Post-pandemic, in the new era of hybrid work, Mastercard CSO Ron Green says the unintentional insider threat is one of his top concerns for member institutions and their customers. He shares insight on threats, partnerships and how the public and private sectors can address workforce development.

Governance & Risk Management

The Key To Compliance? Third-Party Management

Tori Taylor • August 30, 2022

They’re necessary contributors to the business ecosystem, but there’s risk associated with third-party remote access, including bad actors lurking around every access point.

Next-Generation Technologies & Secure Development

The Value of Digital Transformation

Andrew Stevens • August 30, 2022

With the increase in remote workers and proliferation of uncontrolled devices, your IT team has been migrating applications to the cloud along with building cloud-native applications to support the speed needed by the business.

Fraud Management & Cybercrime

Twilio and Mailchimp Breaches Tie to Massive Phishing Effort

Mathew J. Schwartz • August 25, 2022

An ongoing phishing campaign has compromised Twilio, Mailchimp and about 130 other organizations by using a lookalike Okta login page to trick employees into divulging their password and multi-factor authentication code. Researchers have traced the attacks to a 22-year-old suspect in North Carolina.

Fraud Management & Cybercrime

How COVID-19 Keeps Fueling New Security, Privacy Threats

Marianne Kolbasuk McGee • August 25, 2022

The ongoing COVID-19 pandemic continues to fuel new opportunities for cybercriminals, malicious insiders and other adversaries who are posing new security threats to the privacy of patient health data, says attorney Erik Weinick of law firm Otterbourg P.C.

Fraud Management & Cybercrime

Evolving Ransomware Threats on Healthcare

Adam Mansour • August 22, 2022

While healthcare as an industry is being most targeted by ransomware, health or medical clinics are by far the hardest hit.

Fraud Management & Cybercrime

How Are Ransomware Groups' Shakedown Tactics Evolving?

Anna Delaney • August 18, 2022

The latest edition of the ISMG Security Report discusses how ransomware groups continue to refine their shakedown tactics and monetization models, highlights from this year's Black Hat conference and why helping those below the "InfoSec poverty line" matters to businesses.

Security Operations

Lack of Access Management Is Causing Data Breaches

Isa Jones • August 18, 2022

The costs of hacks are rising, the amount of ransomware is rising, and the number of organizations that have been breached will also rise unless organizations take action.

Next-Generation Technologies & Secure Development

How Code Hardening Enables Mobile App Developers to Meet OWASP MASVS Recommendations

Guardsquare • August 17, 2022

Why have attacks from rogue mobile apps grown by 49% in Q3?

Training & Security Leadership

Profiles in Leadership: Bruce Phillips

Tom Field • August 11, 2022

As CISO of West, a Williston Financial Group company, Bruce Phillips recognizes that cybersecurity is not the enterprise's core business. But what, then, is the right level of cybersecurity to bring to a nonsecurity business? He discusses this and other leadership challenges.

Fraud Management & Cybercrime

Krebs to Vendors at Black Hat: No More 'Band-Aid' Approach

Michael Novinson • August 11, 2022

Black Hat USA 2022 opened with somber warnings from Chris Krebs about why application developers, vendors and the government need to solve major industry challenges. Key security executives also discussed DNS visibility, cloud security, patch management, APT strategies and supply chain woes.