You’re not surprised when a purchase of some earrings, a bracelet, or a diamond necklace hurts you in the pocket.
Attributing cyberattacks and advanced malware to a particular country or entity is usually troublesome. Forensic artefacts can sometimes be planted or forged to point to a specific country or cybercriminal group.
The individuals charged with running an organisation are actually the most likely to expose it to a major cyber attack, according to information security executives.
Over the past few years, considerable attention has been given to the cybersecurity skills gap. In the post Enterprises Continue to Grapple with a Huge Cyber Security Skills Shortage we covered how the global cyber security workforce shortage is on pace to hit 1.8 million by 2022, a 20 percent increase since 2015, according to the Global Information Security Workforce Study. That study found 68 percent of workers in North America think the workforce gap is due to a lack of qualified personnel.
Organizations already facing a tough time finding cybersecurity talent may find additional cybersecurity headwinds this year as the vast majority (84 percent) of cybersecurity workers say they are on the lookout for new job opportunities.
Ever since the first data breach notification law went into effect July 1, 2003 in California (SB 1386), there has been controversy surrounding what types of data being exposed should trigger data breach notifications, who should be notified, and how quickly they should be notified. In fact, it’s become somewhat of a mess.
Everyone in IT knows how much the cloud is becoming a central and strategic component of the modern technology infrastructure at many enterprises. Perhaps less well known is the fact that a lot of organizations have pulled workloads back from the cloud—in part because of concerns about data management and security.
As enterprises bridge their adoption patterns for public cloud from isolated pilot projects to fully scaled environments, they're going to need to get serious about adjusting their cybersecurity strategy and architecture to accordingly. According to the thinkers at McKinsey & Company, that sea change needs to start now. In a new report out last month by the consulting firm, enterprises are finally doubling down on their public cloud experiments over the last decade. And that means an impending cascade of public cloud usage in critical infrastructure that previously remained entrenched in the on-prem world.
Ransomware, the prolific malware that locks down computer files until the victim pays to regain access, remains the fastest-growing cyber threat, targeting users from the regular Joe to entire corporate networks.
The U.S. Securities and Exchange Commission (SEC) put public companies on warning that they need to get better about how and when they disclose not just breaches but material cyber risks to investors. The instructions were part of an updated guidance on breach disclosure from the SEC meant to protect investors and bring greater clarity to what the regulatory board expects from public companies when it comes to how they handle information security transparency.
Artificial intelligence (AI) is capturing the imagination of business and technology leaders in virtually every industry. The promise of technology solutions based on AI is certainly compelling, with potential benefits including greater efficiency, reduced errors, cost savings, enhanced customer services, etc.
An increase in cyber threats and a failure to learn from past incidents place the security of data, infrastructure and assets at risk, according to a new threat landscape report.
