The cybersecurity industry remains resilient in the face of recession fears, said Alberto Yépez, co-founder and managing director of Forgepoint Capital. Amid economic shifts and technological advancements, the market is adapting to new challenges and opportunities.
Conventional wisdom says never to negotiate with ransomware actors. They can't be trusted. But Mark Lance at GuidePoint Security recently made the case that organizations can gather important information through negotiations, slow down the process and even lower the ransom demand.
This year's massive exploitation of managed file transfer products such as Fortra's GoAnywhere and Progress Software's MOVEit proves that MFTs are a hacker's paradise. Research by John Dwyer of IBM Security X-Force shows why and also reveals a path toward protecting MFTs in the future.
Large enterprises may have hundreds or thousands of APIs. Concerns over API vulnerabilities have been around for years, but most organizations outside of highly regulated industries such as banking have not taken the steps to understand the threats they face, said Richard Bird, CSO at Traceable.
The cyber insurance landscape has evolved significantly over the last 10 to 15 years. Initially, renewals were relatively straightforward, but with the rise of cyberthreats such as ransomware, the market has shifted dramatically to reduce risk exposure.
Browser security and microsegmentation play critical roles in stemming the bleeding from ransomware attacks, as "almost always the attacks come from a point-based browser vector," said Spencer Tall, managing director, AllegisCyber Capital. He shared two approaches to ensure secure browser adoption.
In the latest weekly update, ISMG editors discuss important cybersecurity and privacy issues including highlights of interviews at Black Hat 2023, lessons learned from the success of the Lapsus$ cybercrime group's attacks and why Check Point is buying startup Perimeter 81 for $490 million.
Next-gen solutions are a key component of zero trust security strategy to help mitigate zero-day malware attacks. Imran Bashir, director of technical marketing at Palo Alto Networks, discussed countering evolving threats, securing access and leveraging AI/ML to strengthen cybersecurity.
While consolidating third-party risks into one document is important, it is equally vital to introduce artificial intelligence into various elements of your third-party risk management program, said Jonathan Pineda, CISO and DPO at the Government Service Insurance System in the Philippines.
The federal agency that enforces HIPAA is heavily focused on investigations of potential violations involving online tracking tools in healthcare websites that impermissibly transmit sensitive patient information to third parties, said Susan Rhodes of the Department of Health and Human Services.
U.K. authorities recently reprimanded health service provider NHS Lanarkshire after staff members shared patient data on messaging service WhatsApp. That privacy lapse demonstrates the risks of shadow IT and the legacy of COVID-19 practices, said attorney Jonathan Armstrong of Cordery Compliance.
The LockBit ransomware-as-a-service group may have become a victim of its own success, having grown "too fast and too quick," to the point where its infrastructure and ability to handle affiliates' requests are lagging, leading many to desert the operation, says ransomware researcher Jon DiMaggio.
Public companies disclosing a cyber incident under the new U.S. reporting requirements should focus on the business impact and stay away from the technical pieces, said Venable's Grant Schneider. The disclosure should examine how the incident will affect revenue, profitability and public perception.
In the latest weekly update, ISMG editors discuss the White House's debut of a $20 million contest to exterminate bugs with AI, a New York man admitting to being behind the Bitfinex hack, and a new malware campaign that is targeting newbie cybercriminals in order to steal sensitive information.
The Philippines follows a shared cyber defense strategy, bringing together government financial institutions with other agencies under the Department of Finance for a cost-effective defense strategy. Land Bank's Archie Tolentino shared how the model works to protect the banking sector.