Recent high-profile breaches resulting from API attacks are "just the tip of the iceberg," said Gartner analyst Dionisio Zumerle. "What we have is a new way of exchanging information which is increasingly popular, and almost no organization has the recipe to secure that new way of communicating."
Stung by the FBI's infiltration and takedown of the Hive ransomware group, other ransomware operators have been retooling their approaches to make their attacks more effective and operations tougher to disrupt, says Yelisey Bohuslavskiy, chief research officer at threat intelligence firm Red Sense.
Studies indicate that on average most enterprises use 25 to 49 security tools sourced from up to 10 different vendors. To make this environment easier to manage, CISOs should adopt an integrated approach driven by consolidation and automation, says Microsoft's Terence Gomes.
OT and SCADA security must be designed around protecting system availability, understanding OT-specific protocols and blocking attacks that target legacy systems commonly used in OT environments. CISO Hitesh Mulani of Mahindra & Mahindra shares advice on implementing OT security.
The business world is going through a phase of hyper transformation and hyper digitalization. So, the building blocks of a cybersecurity strategy are quite different from what they were a few years ago. CISOs now need to prioritize threats in the context of their businesses.
The increasing volume, frequency and sophistication of cyberattacks has made cyber resiliency a top priority for security leaders. But there are certain roadblocks to overcome before an organization can be cyber resilient, advise Samir Mishra and Navin Mehra of Cisco.
Prior to the COVID-19 pandemic, the roles and responsibilities of CISOs were centered around protecting IT infrastructure. Today, however, the role has changed and is closely aligned with the business and its associated risks. A CISO is also the custodian of digital trust and privacy.
From being in the news about its data being hacked to being hailed as one of the big identity initiatives globally, Aadhaar has indeed come a long way. ISMG caught up with Sumnesh Joshi, deputy director general of UIDAI, to discuss the initiatives the authority has taken to change its perception.
In the latest weekly update, ISMG editors discuss how Russia's invasion of Ukraine upended the cybercrime ecosystem, a lawsuit against a U.S. cardiovascular clinic that seeks a long list of security improvements, and the latest endpoint protection technology trends in the Gartner Magic Quadrant.
EMV chip technology has taken a major bite out of credit card fraud at the point of sale, but card-not-present fraud continues to flourish thanks to an age-old technology - the magnetic stripe, says Mark Solomon, international president, International Association of Financial Crimes Investigators.
As threat actors increasingly target smaller and less-prepared businesses, CISOs should consider consolidating similar security technologies onto a single platform in order to maximize the defender's advantage, says Vijendra Katiyar, country manager for Trend Micro in India and the SAARC region.
As the human factor continues to drive data breaches, organizations need to be more cyber fusion-centric and deploy advanced AI-powered tools to predict threats. Harshil Doshi, country manager for Securonix in India and the SAARC region, discusses the future of SIEM technology.
We strongly recommend that you use a password manager to reduce password reuse and improve complexity, but you may be wondering if it’s really worth the risk. Is it safe to store all of your passwords in one place? Can cybercriminals hack them? Are password managers a single point of failure?
Join Roger A....
Forrester recently published a report that shows over two-thirds of European security decision-makers have begun to develop a zero trust strategy, and public sector organizations are leading the way. Forrester's Tope Olufon shares the cultural and regulatory roadblocks to zero trust.
Russia's invasion of Ukraine in 2022 threw Russia's cybercrime ecosystem into a state of upheaval that still exists to this day. "We identified disruptions to literally every single form of commodified cybercrime," said Alexander Leslie, associate threat intelligence analyst at Recorded Future.