The foundation of a landmark presidential executive order and now a standard embraced by governments and enterprises globally, zero trust has come far in the past two years. Zero trust creator John Kindervag offers a progress report and insight into the key trends he sees shaping the new year.
Acer fixed high-severity bugs that hackers could use to disable the secure boot in several laptops built by the Taiwanese manufacturer. The vulnerability could give threat actors control over operating system boot processes and allow them to disable some protection mechanisms.
Open Systems has purchased an early-stage Microsoft-centric MSSP to help automate investigating, triaging and responding to basic security alerts. The Silicon Valley-based MDR provider says its acquisition of U.K.-based Tiberium will free up security analysts to focus on preventative defenses.
Threat actors are targeting Web3 and making off with billions in stolen cryptocurrency. How do they find vulnerabilities and plan and execute attacks? How can you defend against such attacks? Martin Derka of Web3 security firm Quantstamp shares insights by walking a mile in a hacker’s shoes.
As three Brooklyn safety net hospitals grapple with the aftershocks of a Nov. 19 cyber incident, sources say other area hospitals are complaining about a lack of transparency. One Brooklyn Health System has been tight-lipped about the cause of the outage, which is suspected to involve ransomware.
A British judge ordered cryptocurrency trading platforms to divulge the identities of account holders accused of holding funds stolen from an English digital assets exchange. A change in civil procedure makes it easier for English judges to subpoena foreign entities in cases of financial fraud.
The nature of the new "norm" in this post-pandemic era of remote work is revolutionizing how your organization has to operate. With dozens of applications used across a diverse landscape, how do you ensure that your organization stays secure while being compliant with changing rules and regulations?
Okta has stemmed employee attrition and accelerated customer identity sales by clarifying product function but now has to grapple with longer sales cycles for small to midsized businesses. Okta says efforts to reposition its customer identity offering over the past quarter have borne fruit.
A longer sales cycle for small businesses and delayed subscription start dates for large enterprises have forced CrowdStrike to lower its sales forecast going forward. The Austin-based endpoint security company says deals with SMB clients took 11% longer to close in the fiscal quarter ended Oct. 31.
U.K. businesses shy from involving police in cyber incident response for fear of regulatory consequences, lawmakers sitting on Parliament's Joint Committee on National Security Strategy heard. Allowing businesses to anonymously disclose incidents would result in more data, suggested a witness.
The Department of Health and Human Services has issued a new proposed rule to better align the HIPAA privacy and breach notification rules with regulations involving the confidentiality of records pertaining to patients receiving treatment for substance use disorders.
The push to migrate applications to cloud-native architectures has driven increased use of containers and created the need for more security, says Veracode CEO Sam King. Veracode's expertise in application security helps the company identify open-source code and known vulnerabilities in containers.
Email has been around for decades. It's inherently unsecured, and adversaries continue to find new ways to use it as an attack vector. Crane Hassold of Abnormal Security opens up on the threat landscape and how security professionals should prepare for new attacks via email in 2023.
The oil pipeline and rail sectors could be required to implement cyber risk management following the Transportation Security Administration's initiation of a rule-making process. The Biden administration is pressuring critical infrastructure operators through voluntary measures and new regulation.
Healthcare providers and their vendors often fear federal regulatory action, but do fines and corrective action many any difference at all? As breach cases have nearly doubled since 2018, federal fines dropped 93% in 2022, and some say the agency is understaffed and crippled by legal challenges.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.