More results...
The financial constraints many smaller organizations face often cast shadows on their ability to fortify defenses. In this Help Net Security interview, Brent Deterding, CISO at Afni, delves into the realities and myths surrounding the cybersecurity pov…
Migrating to a quantitative cyber risk model of analysis allows for more accurate data, which leads to more informed decision-making.
The post Moving From Qualitative to Quantitative Cyber Risk Modeling appeared first on SecurityWeek.
The cost of an insider risk is the highest it’s ever been, as organizations spend more time than ever trying to contain insider incidents, according to DTEX Systems. The average annual cost of an insider risk has increased to $16.2 million – a 40…
With exponential growth in the number of human and machine actors on the network and more sophisticated technology in more places, identity in this new era is rapidly becoming a super-human problem, according to RSA. Paradoxically, even in this world w…
Australia has an e-waste problem, and for all the conversations around climate change, energy use, plastics and other ESG matters, it’s surprising that more isn’t said about it.
Legal and compliance leaders should address their organization’s exposure to six specific ChatGPT risks, and what guardrails to establish to ensure responsible enterprise use of generative AI tools, according to Gartner. “The output generated by ChatGP…
By Chinatu Uzuegbu, CISSP, CEO/Managing Cyber Security Consultant at RoseTech CyberCrime Solutions Ltd. We kicked off the Identity and Access Management Processes from the Top-Level Management approach. The Identity and Access Management Security Steering Committee is a group of C-Suites leaders, also referred to as the respective Data and Asset Owners from the various Business Units of my organization. The group met and established the governing policy around the Identity and Access Management Processes. The governance covers the Mandatory Access Control Policy and Trust Policy of the organization which are automatically enforced as the baselines on default. The governance of…
KillNet is bad for your health, TikTok facing further bans, ransomware impacts cancer test results, Russia allegedly increasing its cyberwarfare efforts. By Joe Fay Microsoft Demonstrates How KillNet Is Bad for Our Healthcare Sector Microsoft has highlighted a rise in DDoS attacks on healthcare organizations, mapping a three-fold increase in attacks over three months. It said it tracked 10 to 20 attacks per day on healthcare organizations on Azure in November but was seeing 40 to 60 per day in February. The attack mix changed over this time, it added, with over half of attacks now being UDP floods, with…
By John E. Dunn Phishing attacks depend on creating huge numbers of lookalike ‘confusable’ domains. A new report has highlighted the most prevalent examples and suggested a way to detect phishing domains before they are used in anger. Ever since phishing attacks gathered steam two decades ago, the ability of criminals to create ‘confusable’ or typosquatting domains that look plausibly similar to real ones has been a thorn in everyone’s side. Companies have their brands hijacked, users are tricked into clicking on phishing emails that look genuine, and registrars are roundly criticized for allowing all of this to happen. Large…
By Dave Cartwright, CISSP A week is a long time in most business sectors. In the intertwined world of banking and startups, it feels like an eternity as both sides deal with the fallout from the collapse of Silicon Valley Bank (SVB); the financial crisis impacting a myriad of startups suffering cashflow loss and disruption, with other banks now seemingly in poor shape after experiencing runs. For the technology and cybersecurity startups, not just those in California, that used SVB as their banker or lender (or both), its failure could delay or derail at least part of the next wave…