eSecurity Planet

DECEMBER 20, 2023

Attack surface management (ASM) is a relatively new cybersecurity technology that combines elements of vulnerability management and asset discovery with the automation capabilities of breach and attack simulation (BAS) and applies them to an organization’s entire IT environment, from networks to the cloud.

Cloud 113

Cloud Risk Compliance Security 113

IBM Big Data Hub

MARCH 20, 2024

This includes cyber incidents, technology failures, natural disasters and more. With more dependency on technology and third and fourth parties, expectations are increasing for organizations to continue delivering critical business services through a major disruption in a safe and secure manner. Similarly, in the U.S.

Cloud 80

Cloud Financial Services Risk Business Services 80

IT Governance

DECEMBER 9, 2021

Cloud security is an essential part of today’s cyber security landscape. With hybrid working now the norm, many organisations are relying on Cloud services to access data from home or the office. This might include spotting misconfigured firewalls or physical security threats.

Cloud 126

Cloud Security Authentication Risk 126

The Last Watchdog

DECEMBER 5, 2018

million patients had significant amounts of PII exposed by the healthcare provider’s third-party billing vendor, AccuDoc Solutions, shows the healthcare sector remains acutely vulnerable to attacks exploiting third-party contractors even as their first-party security posture hardens. Weak links. Sticky problem. Risk-based approach.

Data breaches 153

Data breaches Insurance Risk Ransomware 153

IT Governance

MARCH 1, 2023

Welcome to our February 2023 list of data breaches and cyber attacks. IT Governance is dedicated to helping organisations tackle the threat of cyber crime and other information security weaknesses. You can find the full list of data breaches and cyber attacks below.

Data breaches 130

Data breaches Ransomware e-Delivery Government 130

The Last Watchdog

JUNE 22, 2021

Network security is in the throes of a metamorphosis. Advanced technologies and fresh security frameworks are being implemented to deter cyber attacks out at the services edge, where all the action is. Related: Automating security-by-design in SecOps. This means Security Operations Centers are in a transition.

Security 127

Security Digital transformation Ransomware IoT 127

The Security Ledger

APRIL 5, 2023

In this Spotlight episode of the Security Ledger podcast, I interview Richard Bird, the CSO of the firm Traceable AI about the challenge of securing application programming interfaces (APIs), which are increasingly being abused to steal sensitive data. What is the fix for API security issues? Read the whole entry. »

Security 52

Security Digital transformation Financial Services Cloud 52

eSecurity Planet

AUGUST 9, 2021

A malicious advertising campaign originating out of Eastern Europe and operating since at least mid-June is targeting Internet of Things (IoT) devices connected to home networks, according to executives with GeoEdge, which offers ad security and quality solutions to online and mobile advertisers. Malvertising is Evolving.

IoT 145

IoT Cloud Mining Marketing 145

Thales Cloud Protection & Licensing

FEBRUARY 28, 2022

To enable this revolution, automobile manufacturers and their supply chain partners have rapidly adopted new technologies to better serve customers and win competitive advantages: Embedding high-speed connectivity in vehicles to improve customer experience and entertainment as well as real-time diagnostics and OTA updates.

Data Privacy 71

Data Privacy Privacy Manufacturing Digital transformation 71

eSecurity Planet

AUGUST 5, 2021

Two of the largest government security agencies are laying out the key cyberthreats to Kubernetes, the popular platform for orchestrating and managing containers, and ways to harden the open-source tool against attacks. In addition to resource theft, cyber actors may also target Kubernetes to cause a denial of service.”

Risk 109

Risk Cloud Encryption Cybersecurity 109

eSecurity Planet

JANUARY 6, 2022

Third-party security, ransomware , artificial intelligence (AI) and decentralized finance (DeFi) are some of the threats you can expect to see more of this year – with the potential for far worse results than we’ve seen in the past. ” US-CERT annual security vulnerabilities – high security vulnerabilities in green.

Ransomware 135

Ransomware Cybersecurity Artificial Intelligence Risk 135

Thales Cloud Protection & Licensing

OCTOBER 19, 2022

Manufacturing needs to adopt a Zero Trust approach to mitigate increased cyber threats. Nowadays, any organization is heavily and deeply connected to the Internet: local, distributed and cloud environments, a plethora of machines, devices and Internet of Things (IoTs), and above all, numerous “work from anywhere” employees.

Manufacturing 71

Manufacturing Encryption Cloud IoT 71

eSecurity Planet

FEBRUARY 13, 2023

Application security is the practice of securing software and data from hackers, whether that application comes from a third party or was developed in house, regardless of where it resides or how it’s accessed. How Does Application Security Work? What Are the Types of Application Security?

Security 96

Security Cloud Risk Computer and Electronics 96

The Last Watchdog

MAY 10, 2019

Our rising dependence on business systems that leverage cloud services and the gig economy to accomplish high-velocity innovation has led to a rise in productivity. However, the flip side is that we’ve also created fresh attack vectors at a rapid rate – exposures that are not being adequately addressed.

Digital transformation 173

Digital transformation Systems administration Phishing Ransomware 173

eSecurity Planet

MAY 27, 2021

The explosion of ransomware and similar cyber incidents along with rising associated costs is convincing a growing number of insurance companies to raise the premiums on their cyber insurance policies or reduce coverage, moves that could further squeeze organizations under siege from hackers. COVID-19 Accelerates Attacks.

Insurance 128

Insurance Ransomware Risk Data science 128

The Last Watchdog

APRIL 28, 2020

As coronavirus-themed cyber attacks ramp up, consumers and companies must practice digital distancing to keep themselves protected. Social engineering invariably is the first step in cyber attacks ranging from phishing and ransomware to business email compromise ( BEC ) scams and advanced persistent threat ( APT ) hacks.

Ransomware 174

Ransomware Phishing Communications Access 174

Thales Cloud Protection & Licensing

FEBRUARY 16, 2021

Besides the obvious benefits, IoT devices create an expanded threat landscape and have already been exploited in numerous cyber attacks (e.g., The root cause of these attacks is that the devices are lacking the security mechanisms to defend themselves against malicious actions that lead to the control of hijacked devices.

IoT 96

IoT Manufacturing Energy and Utilities Encryption 96

eSecurity Planet

FEBRUARY 20, 2023

Penetration tests find security vulnerabilities before hackers do and are critical for keeping organizations safe from cyber threats. Penetration test services have become common, with many security companies offering them. You can either create your own pentesting program or hire an outside firm to do it for you.

Sales 95

Sales Security Communications Cloud 95

eSecurity Planet

MAY 19, 2023

Application security tools and software solutions are designed to identify and mitigate vulnerabilities and threats in software applications. Their main purpose is to protect applications from unauthorized access, data breaches, and malicious attacks.

Security 103

Security Cloud Compliance Risk 103

eSecurity Planet

MARCH 3, 2023

President Biden came into office around the time of the SolarWinds and Colonial Pipeline cyber attacks, so cybersecurity has been a major focus of the Administration from the beginning. These efforts may integrate diplomatic, information, military (both kinetic and cyber), financial, intelligence, and law enforcement capabilities.”

Cybersecurity 117

Cybersecurity Government Manufacturing Personal data 117

Thales Cloud Protection & Licensing

SEPTEMBER 9, 2021

Securing the Identities of Connected Cars. Manufacturing is one of the most attacked industries, facing a range of cybersecurity challenges. The proliferation of DevOps and distributed IoT devices, as well as the need to secure the digital identities of these applications and devices, calls for innovative approaches to PKI deployment.

Security 71

Security Manufacturing Cloud IoT 71

Thales Cloud Protection & Licensing

MAY 30, 2018

And as we continue to move into an era of digital transformation and interconnectedness, there is increasing concern among organizations and average citizens around the security of sensitive data. We need to encourage manufacturers and suppliers to create “trusted” products that are secure and come from secure supply chains.

Cybersecurity 67

Cybersecurity e-Discovery Cloud Digital transformation 67

Hunton Privacy

FEBRUARY 25, 2021

2 (2021) regarding “Cyber Insurance Risk Framework” (the “Guidelines”), calling on insurers to take more stringent measures in underwriting cyber risks. In the Guidelines, NYDFS cites the 2020 SolarWinds attack as an example of how managing growing cyber risk is “an urgent challenge for insurers.”.

Insurance 70

Insurance Cybersecurity Risk Education 70

eSecurity Planet

DECEMBER 19, 2023

We each need to consider how these trends may affect our organizations and allocate our budgets and resources accordingly: AI will turbo-charge cybersecurity and cyberthreats: Artificial intelligence (AI) will boost both attackers and defenders while causing governance issues and learning pains.

Cybersecurity 140

Cybersecurity Cloud Ransomware Risk 140

The Last Watchdog

JUNE 12, 2023

Related: SolarWinds-style supply chain attacks on the rise Clop operatives went live last week with an unusual ultimatum — written in broken English and posted in a Dark Web forum — giving the victimized organizations a June 14 th deadline to make direct contact with them under threat of having sensitive stolen data made public.

Risk 193

Risk Access Ransomware Cloud 193

The Last Watchdog

DECEMBER 14, 2023

We asked two questions: •What should be my biggest takeaway from 2023, with respect to mitigating cyber risks at my organization? Their guidance: Brandon Colley , Principal Security Consultant, Trimarc Security Colley Some 10-year-old vulnerabilities are still wildly prevalent.

Cybersecurity 235

Cybersecurity Cloud Risk Mining 235

eSecurity Planet

DECEMBER 18, 2023

Cloud computing services, such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS), each have unique security concerns. IaaS involves virtualized computing resources over the internet, with users responsible for securing the operating system, applications, data, and networks.

Security 112

Security Cloud Encryption Compliance 112

eSecurity Planet

OCTOBER 21, 2021

The attacks on SolarWinds and Kaseya over the past year put a spotlight on how an attack on a single company can have downstream consequences on the victim’s partners and customers. Supply Chains are Targets. Supply chain compromises led to $7.4 See also: The Software Supply Chain: Where Security Starts.

Security 121

Security Ransomware Risk Cybersecurity 121

Security Affairs

APRIL 10, 2024

A Dynamic, Complex Threat Landscape Today’s cyber threat landscape is characterized by its dynamic and complex nature. No longer confined to isolated malware or phishing attacks, threats now encompass a wide range of sophisticated tactics, techniques, and procedures (TTPs) used by cybercriminals and nation-state actors alike.

Cybersecurity 109

Cybersecurity Digital transformation Cloud B2B 109

Data Protection Report

APRIL 9, 2024

On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (“CISA”) published a Notice of Proposed Rulemaking for the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”), which imposes new reporting requirements for entities operating in critical infrastructure sectors.

Ransomware 83

Ransomware Agriculture Cybersecurity Government 83

The Last Watchdog

MAY 30, 2023

Cyber threats have steadily intensified each year since I began writing about privacy and cybersecurity for USA TODAY in 2004. Collectively, enterprises spend a king’s ransom many times over on cyber defense. And as a result, many still do not practice essential cyber hygiene.

Cloud 188

Cloud Privacy Cybersecurity Security 188

eSecurity Planet

SEPTEMBER 17, 2021

Cybercriminals are targeting Linux-based servers running Microsoft’s Azure public cloud environment that are vulnerable to flaws after Microsoft didn’t automatically apply a patch on affected clients in its infrastructure. According to cybersecurity firm Recorded Future, the attacks began the night of Sept.

Cloud 124

Cloud Risk Cybersecurity Access 124

eSecurity Planet

JUNE 22, 2022

And in cybersecurity, hyperautomation could be the thing that makes the constant onslaught of alerts and cyber incidents manageable. Today, hyperautomation can be used to improve upon business process management, iPaaS solutions, and (critically) security systems. Read also: Automating Security Risk Assessments for Better Protection.

Cybersecurity 134

Cybersecurity Artificial Intelligence Digital transformation Cloud 134

The Last Watchdog

OCTOBER 21, 2021

Set in the final weeks of World War 1, the story swings heavily on the contrast between false security and the realities of war. Related: We’re in the golden era of cyber espionage. Today, we are talking about a different war dynamically morphing between a physical war and cyber war. False sense of security.

Cybersecurity 244

Cybersecurity Phishing Compliance Military 244

eSecurity Planet

NOVEMBER 7, 2023

Organizations have a variety of options for cloud deployments, each with its own set of capabilities and security challenges. Public Cloud Environments A public cloud architecture is a shared infrastructure hosted by a cloud service provider.

Cloud 106

Cloud Security Encryption Compliance 106

eSecurity Planet

MARCH 17, 2023

Whether you’re operating a global enterprise network or a small family business, your network’s security needs to be optimized with tools, teams, and processes to protect customer data and valuable business assets. Also read: What is Network Security?

Security 120

Security Encryption Analytics Cloud 120

IT Governance

SEPTEMBER 13, 2021

Are you considering a career in cyber security? CompTIA Security+. The CompTIA Security+ qualification is widely considered to be one of the best introductions to the cyber security industry. You can find out more about this qualification by taking our CompTIA Security Training Course.

Security 93

Security Systems administration Honeypots Risk 93