To mitigate the risks posed by ransomware attacks, enterprises need to move from file-based security to a behavior-based approach, says Jennifer Ayers, vice president of the OverWatch division of Crowdstrike.
A report from Google's Threat Analysis Group offers fresh details about the hacking group that targeted Democratic presidential candidate Joe Biden's campaign with phishing emails earlier this year. The phishing effort was linked to a little-known hacking group called APT31, which has connections to China.
Critical steps when implementing a privileged access management program include auditing of activities performed by administrators and continuous monitoring of user activity, says Sujit Christy, group CISO at John Keells Holdings, a conglomerate based in Sri Lanka.
CISA is warning that sophisticated hacking groups are chaining together vulnerabilities, such as the recent Zerologon bug and other flaws, to target state and local government networks. In some cases, attackers gained access to election support systems.
The Reserve Bank of India's "New Umbrella Entity" initiative, designed to support a digital retail payments system similar to National Payments Corp. of India, would be a game-changer to boost digital innovation in the payments industry, according to a panel of experts.
To help ensure security as India moves to digital payments, enterprises need to educate their customers to help them understand potential risks and take the right precautions, says payments expert Navin Surya.
The Secure Access Service Edge - or SASE - model can help CISOs make incremental progress on enhancing security while designing a long-term strategy, says Siddharth Deshpande, director of security strategy for Asia-Pacific and Japan at Akamai Technologies.
The U.S. Government Accountability Office is urging Congress to pass legislation to reestablish a White House cybersecurity coordinator role. The position would coordinate the government's response to online attacks and other cybersecurity challenges facing the nation.
Starting and maintaining an Anti-DDoS service is both expensive and challenging. Andy Ng and Donny Chong of Nexusguard share their insight and key takeaways from a recent roundtable discussion with ISMG.
CISOs are gaining additional discretionary powers to make risk-based decisions, especially as organizations implement the ISO 27035-3 incident response standard, says Khawaja Mohammad Ali, CISO of a large federal bank in Pakistan.
An organization has successfully implemented a "zero trust" framework when it can achieve context-aware resolution of a risk, says Dr. Siva Sivasubramanian, CISO of SingTel Optus, an Australian telecommunications firm.
Unified Cloud Edge is part of MVISION, the cloud-native security platform from McAfee. Unified Cloud Edge enables consistent data protection from device-to-cloud and prevents cloud-native threats that are invisible to the corporate network.
MVISION Unified Cloud Edge is a cloud-native security platform that enables...
Like the force of gravity in a supernova, the cloud has caused data to explode out of the enterprise to a new cloud edge with fragmented visibility and control for enterprise security. In this paper, we'll evaluate this massive shift through a combination of survey results from 1,000 enterprises in 11 countries and an...
"Digital business transformation inverts network and security service design patterns, shifting the focal point to the identity of the user and/or device not the data center. Security and risk management leaders need a converged cloud-delivered secure access service edge to address this shift.
Network and network...
Our apps and services are expected to work quickly and seamlessly on any number of devices, from different kinds of networks and in different locations around the globe. Monitoring the infrastructure that supports those experiences layers of interconnected technologies that become more complex every year is key to any...