President and CEO Sudhakar Ramakrishna says SolarWinds has done massive work implementing security into the build process since the company was hacked in late 2020. Testing, validating and qualifying the integrity of the company's source code has required significant effort, Ramakrishna tells ISMG.
When it comes to advanced threat response, most financial institutions say their current abilities are average. Only one-third say automation is crucial to how they identify and respond to threats. This panel of APAC and ANZ experts analyzes the state of security automation in financial services.
As cybercriminals evolve their attack techniques, they pose greater risks to the government, businesses and individuals. It’s more critical than ever to improve your security strategy and proactively prepare for the next wave of cyberthreats.
The first step is to understand the latest attack trends and major...
A host of emerging technologies - including artificial intelligence, 5G cellular, quantum computing, nanomedicine and smart hospitals - offer the potential to revolutionize healthcare, but organizations must carefully evaluate the security risks, federal authorities warn.
Thoma Bravo is eyeing its third take-private security deal of 2022, initiating talks with Darktrace months after agreeing to buy SailPoint and Ping Identity. The cybersecurity AI firm says it's in early discussions with private equity giant Thoma Bravo on a possible cash offer for the business.
It's not enough for medical device makers to provide a software bill of materials - there also needs to be close attention paid to how vulnerabilities in components are communicated and managed, says medical device security expert Ken Hoyme.
Halborn raised $90 million to expand its audit and penetration testing services and more effectively safeguard the crypto industry. The proceeds will bolster its protection for cryptocurrency lending protocols and better defend the money flowing into and out of the cryptocurrency ecosystem.
Business email compromise (BEC) is when threat actors use email fraud to attack organizations, deceiving people into doing something they believe is helping the company. To request funds from victims, BEC threat actors conduct a variety of scams impersonating coworkers, vendors, or customers.
The year is ending with a cybersecurity bang - not whimper - due to the widespread prevalence of the Apache Log4j vulnerability. Researchers warn that at least 40% of corporate networks have been targeted by attackers seeking to exploit the flaw. More than 250 vendors have already issued security advisories.
Hellman Worldwide Logistics, one of the world's biggest logistics and shipping firms, is warning that its operations remain disrupted following an online attack of unspecified nature. The attack comes amid a busy season for e-commerce and shipping, with supply lines already stretched thin, experts say.
In ransomware attacks, cybercriminals attack through the backups because they know that security practitioners rely on backups to save themselves after a ransomware attack. Therefore, it is essential to have multiple backups, says Tom Kellermann, head of cybersecurity strategy at VMware.
Criminal hackers don't break for lunches, weekends or holidays. Of course, that's just one of many challenges facing information security teams, as they attempt to maximize visibility and minimize complexity while protecting their business around the clock, says Peter Van Lierde, the CISO of energy firm Sibelga.
Threat modeling can help give organizations the extra insights needed to secure their on-premises and cloud environments at a time when attackers are using increasingly sophisticated methods to gain entry to networks and maintain persistence. Experts offer tips on making the right moves.
While security operations is a high priority, many organizations continue to struggle to keep up with the scale and scope of the tasks at hand. This is because security operations are often hamstrung by organizations’ reliance on an overabundance of point tools and manual processes, as well as a shortage of advanced...
Tom Kellermann calls it a new "Twilight Zone" - an era in which cybersecurity adversaries can unleash destructive attacks that manipulate time, data, audio and video. The cybersecurity strategist shares insights and analysis from his latest Global Incident Response Threat Report.