COVID-19 Resource Center: Latest News and Insights on the Novel Coronavirus and Cybersecurity Response

The COVID-19 pandemic has changed how we all live and work, creating the largest remote workforce in history. Never have topics such as identity and access management, device security and business resiliency been more critical. Use this COVID-19 Resource Center for the latest updates and opinions on the virus, its influence on the threat landscape and how global organisations can improve response.

How Are Ransomware Groups' Shakedown Tactics Evolving?

Anna Delaney • August 18, 2022

The latest edition of the ISMG Security Report discusses how ransomware groups continue to refine their shakedown tactics and monetization models, highlights from this year's Black Hat conference and why helping those below the "InfoSec poverty line" matters to businesses.

Next-Generation Technologies & Secure Development

How Code Hardening Enables Mobile App Developers to Meet OWASP MASVS Recommendations

►

Fraud Management & Cybercrime

Profiles in Leadership: Sean Mack

Latest

Endpoint Security

RSA Conference 2022 Compendium: 150+ Interviews and More

Information Security Media Group • July 5, 2022

Welcome to ISMG's compendium of RSA Conference 2022. The 31st annual conference covered a wide range of topics including cybercrime, cyberwarfare, zero trust, supply chain risk, ransomware, OT security, cyber insurance and jobs. Access 150+ interviews with the top speakers and influencers.

Access Management

The Future of Authentication Is Biometrics and Passwordless

Michael Novinson • June 21, 2022

The need for more modern identity and access management capabilities such as biometric and passwordless authentication has been amplified by the COVID-19 pandemic and the shift to remote work, according to Forrester researchers Paul McKay and Merritt Maxim.

Application Security & Online Fraud

Suspected Business Email Compromise Ringleader Busted

Mathew J. Schwartz • May 27, 2022

Police in Nigeria this week arrested a 37-year-old man who's been charged with masterminding "a criminal syndicate tied to massive business email compromise and phishing campaigns," Interpol says. But with known BEC losses last year exceeding $2.4 billion, will the arrest have a noticeable impact?

Fraud Management & Cybercrime

Feds Warn Health Sector of Top Russia-Backed APT Groups

Marianne Kolbasuk McGee • May 20, 2022

Federal authorities are alerting healthcare sector entities of threats posed by Russian state-sponsored cyber groups, including some linked to attacks on pharmaceutical and related firms. Meanwhile, other ransomware gangs continue their assaults on a variety of U.S. medical facilities.

Governance & Risk Management

The Crucial Ingredients of a Good Cyber Resilience Program

Suparna Goswami • July 21, 2022

The basic foundation of designing a reliable and dynamic cyber resilience program is to have an elaborate incident response plan that can take into account different cyberthreat scenarios and outcomes, says Singapore-based Christophe Barel, who is managing director for Asia-Pacific at FS-ISAC.

Governance & Risk Management

Biden Order Seeks to Protect Reproductive Data Privacy

Marianne Kolbasuk McGee • July 8, 2022

The Biden administration continues to react to the Supreme Court's overturn of precedent guaranteeing a constitutional right to abortion, issuing Friday an executive order that includes provisions to help safeguard the privacy of patients' data.

Access Management

How Machine Learning Is Changing Access Monitoring

Isa Jones • July 5, 2022

As this technology is automated, it can also scan more accesses because a new rule doesn’t need to be created for each access. You can jump from a 1% audit rate to a 99% audit rate.

Training & Security Leadership

Okta to Spend $1M Helping Nonprofits Improve Their Security

Michael Novinson • July 1, 2022

Identity titan Okta has awarded $1.02 million in grants to groups focused on linking nonprofits with the talent needed to configure and manage security technology. Nonprofits have limited access to infrastructure and human capital to address their cybersecurity needs, and Okta hopes to change that.

Training & Security Leadership

Profiles in Leadership: Rob Hornbuckle

Mathew J. Schwartz • June 30, 2022

Beyond advising the seniormost levels of the business in the strategic use of technology, the need to recruit new cybersecurity professionals often also tops the list of tasks facing today's security leaders, says Rob Hornbuckle, CISO of Allegiant Air.

Training & Security Leadership

A Shortcut to the NIST Cybersecurity Framework

Kylie Ruiz • June 28, 2022

Determine how the NIST Framework can fit into your security structure and start taking proactive steps to protect critical assets from rising and evolving threats.

Governance & Risk Management

Healthcare Cybersecurity: Some Progress, Still Problems

Marianne Kolbasuk McGee • June 17, 2022

In the five years since the release of a high-profile report listing dozens of critical cybersecurity recommendations for healthcare sector entities, experts say the industry has made some progress but still has much more work to do.

Governance & Risk Management

Safeguarding the Enterprise Across Multiple Public Clouds

Michael Novinson • June 16, 2022

Organizations have created significant security challenges by rapidly migrating applications, data and workloads to multiple public clouds over the course of the COVID-19 pandemic, according to Abbas Kudrati of Microsoft and Upendra Singh of HCL.