Security - Information Management Today

Identity Security Clinic

Data Breach Today

MARCH 22, 2024

Introducing CyberArk’s Identity Security Clinic. See Also: When Every Identity is at Risk, Where Do You Begin? Where experts dissect and diagnose your

Security

Security Risk

Feds Tackling Information Security in Government Procurement

Data Breach Today

APRIL 1, 2024

GSA Establishes Framework for Security Regulations Covering Federal Acquisitions The federal government aims to streamline its information security and supply chain security procurement policies as part of an effort to better safeguard federal systems.

Information Security

Information Security Government Security Cybersecurity

OnDemand Panel | Securing Operational Excellence: Insights into Fortifying OT Security

Data Breach Today

DECEMBER 27, 2023

Strengthening OT Security with HCLTech and Microsoft In an age reliant on operational technology, ensuring robust security for diverse industries is crucial. Join us as we discuss operational challenges, highlighting specific threats faced by businesses today. We will discuss:

Security

Security Cybersecurity

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Why Endpoint Security Tools Are Still Such a Challenge

Data Breach Today

MARCH 25, 2024

LinkedIn Chief Security Architect Calls for More Integration of Devices, Identities Despite advances in endpoint security, Sergei Rousakov, chief security architect at LinkedIn, said the landscape remains complex.

Security

Security Cybersecurity

7 Pitfalls for Apache Cassandra in Production

Overlooking Security Considerations. Managing Delete Heavy Workloads. Running Unoptimized Queries. Neglecting Anti-Entropy Repairs. Tuning Without Proper Understanding. Leaving Cassandra Unattended.

Security

Okta to Acquire Spera Security

Data Breach Today

DECEMBER 19, 2023

Okta Says Acquisition Will Expand Its Ability to Detect High-Risk Accounts Okta finalized an agreement to acquire Spera Security, saying the purchase will expand its ability to track risky accounts and access misconfigurations.

Security

Security Risk Access IT

Domain Name Security Challenges

Data Breach Today

DECEMBER 25, 2023

According to Ihab Shraim, chief technical officer at Corporation Services Company, just 1 in 100 security companies knows who their registrar is and where their domain name resides. Protecting domain name systems finally has the attention of cybersecurity professionals -because every recent large data breach has involved a DNS vulnerability.

Security

Security Data breaches Cybersecurity

CrowdStrike to Buy Israeli Data Defense Vendor Flow Security

Data Breach Today

MARCH 5, 2024

Data Security Posture Management Deal Will Help CrowdStrike Guard Endpoints, Clouds CrowdStrike plans to purchase a data security posture management startup led by an Israeli Defense Forces team leader to safeguard information across endpoints and clouds.

Security

Security Cloud

Apple Sued for Prioritizing Market Dominance Over Security

Data Breach Today

MARCH 21, 2024

Lawsuit Says Apple Stifles Innovation, Degrades Security, Suppresses Protections The U.S. Department of Justice in a lawsuit filed Thursday is accusing Apple of discarding user security and privacy protections as part of a broader effort to maintain dominance in the national smartphone market.

Marketing

Marketing Security Privacy

Assess and Advance Your Organization’s DevSecOps Practices

Advertiser: Datadog

Organizations must advance their DevSecOps practices to deliver high quality, secure digital services to market quickly and efficiently. In order to do that, leaders must ask themselves three key questions: What is our current level of DevSecOps maturity? Where is our desired level of DevSecOps maturity? How do we get there?

Security

CISA Launches New Efforts to Secure Open-Source Ecosystem

Data Breach Today

MARCH 7, 2024

Cybersecurity and Infrastructure Security Agency hopes to expand voluntary information sharing between the federal government and open-source software operators with a series of actions the agency announced following a two-day open-source security summit held at its Virginia headquarters.

Security

Security Cybersecurity Government IT

Ivanti Patches Critical Endpoint Security Vulnerability

Data Breach Today

JANUARY 7, 2024

SQL Injection Flaw Affects All Supported Versions of Ivanti Endpoint Manager Ivanti issued an urgent alert to users of its endpoint security product to patch a critical vulnerability that exposes systems to potential exploitation by unauthorized attackers.

Security

Security IT

AWS Snags Skyhigh's Gee Rittenhouse to Run Security Business

Data Breach Today

MARCH 18, 2024

Ex-Forcepoint CRO John DiLullo to Lead STG-Owned Skyhigh Security on Interim Basis Amazon Web Services hired Gee Rittenhouse to help organizations protect their data and applications in the cloud.

Security

Security Cloud Cybersecurity

Nagomi Exits Stealth With $30M to Help Manage Security Risks

Data Breach Today

APRIL 25, 2024

Cyber Startup Wants to Enhance Customers' Proactive Management of Security Risks A threat exposure management startup led by an ex-Claroty executive emerged from stealth to help firms proactively manage security risks and improve their defensive postures.

Risk

Risk Security

The Essential Guide to Building Analytic Applications

What should software teams know about implementing security that works with the rest of their products? Embedding analytics in software presents some unique opportunities—and poses unique challenges—to software teams. What are best practices when designing the UI and UX of embedded dashboards, reports, and analytics?

Analytics

Zscaler Expands AI Security Capabilities by Acquiring Avalor

Data Breach Today

MARCH 14, 2024

Zscaler Purchase Aims to Revolutionize Zero Trust Cybersecurity With Advanced AI Zscaler bought a data security startup led by a longtime Salesforce executive to help customers stay ahead of threats by beefing up data quality and AI models.

Security

Security Cybersecurity IT

On Point: Offensive Security for Mobile Network Operators

Data Breach Today

JANUARY 22, 2024

Build Resiliency by Simulating Real-World Attacks and Gaining Insight Into Threats As cyberthreats evolve, mobile network operators need offensive security to maintain resilience. Traditional security, such as firewalls and encryption, is not sufficient on its own.

Security

Security Encryption IT

API Security Trends: Collaborative Strategies for Leaders

Data Breach Today

JANUARY 2, 2024

Forrester's Sandy Carielli Shares Highlights From API Security Report Forrester analyst Sandy Carielli highlights key API security aspects in Forrester's report titled The Eight Components of API Security," which covers governance, discovery, testing, authentication and protection from API breaches as many organizations are grappling with the maturity (..)

Security

Security Authentication Government

Cisco Announces Isovalent Acquisition to Boost Security

Data Breach Today

DECEMBER 21, 2023

Cisco Continues Investments in New Cloud Security Offerings With Isovalent Deal Cisco announced plans to acquire another cloud security startup as part of a series of recent acquisitions and investments in the company’s multi-cloud networking capabilities and security offerings, including the major $28 billion acquisition of Splunk.

Security

Security Cloud

The Essential Guide to Analytic Applications

We interviewed 16 experts across business intelligence, UI/UX, security and more to find out what it takes to build an application with analytics at its core. Embedding dashboards, reports and analytics in your application presents unique opportunities and poses unique challenges.

Analytics

Proof of Concept: Securing Elections in the Age of AI

Data Breach Today

FEBRUARY 27, 2024

CISOs Discuss AI Scams, Cyberthreats and Election Security Defenses In the latest "Proof of Concept," Jeff Brown, CISO for the state of Connecticut, and Lester Godsey, CISO for Maricopa County, Arizona, join ISMG editors to discuss AI-related threats to election security, safeguarding against cyber and physical threats and coordinating efforts for (..)

Security

Wyze Security Incident Exposes Private Cameras

Data Breach Today

FEBRUARY 21, 2024

13,000 Users Received Incorrect Thumbnails; 1,504 Tapped on Them, Risking Privacy A glitch in Wyze home security cameras permitted thousands of users to catch glimpses inside strangers' homes as its cloud system came back online after an hourslong outage.

Security

Security Cloud Privacy Risk

BigID Raises $60M, Eyes M&A Around Data Security, Compliance

Data Breach Today

MARCH 18, 2024

Data Security Vendor Retains Unicorn Status With Riverwood Capital-Led Growth Round A data security firm led by a former CA Technologies executive raised $60 million to boost both organic and inorganic expansion around data and compliance.

Compliance

Compliance Security Access IT

Synopsys Greenlights Sale of $525M Application Security Unit

Data Breach Today

MARCH 21, 2024

Software Integrity Business Could Fetch More Than $3B, Attract Private Equity Firms Synopsys' board of directors signed off Wednesday on selling the company's $525 million application security testing business to focus exclusively on design automation and IP.

Sales

Sales Security IT

The Next-Generation Cloud Data Lake: An Open, No-Copy Data Architecture

Read this whitepaper to learn: How this “no data copy” approach dramatically streamlines data workflows while reducing security and governance overhead. This new open data architecture is built to maximize data access with minimal data movement and no data copies.

Cloud

Microsoft's Latest Hack Sparks Major Security Concerns

Data Breach Today

JANUARY 22, 2024

Experts Warn Tech Giant Faces Potential for Future Cyberattacks After Email Hacking Security experts told ISMG they were concerned Microsoft could suffer future cyberattacks and threats to its customers after a Russian state hacking group managed to evade detection for several weeks while targeting accounts associated with the company’s top executives. (..)

Security

Security IT

Fulton County, Security Experts Call LockBit’s Bluff

Krebs on Security

FEBRUARY 29, 2024

Security experts say LockBit was likely bluffing and probably lost most of the data when the gang’s servers were seized this month by U.S. LockBit removed Fulton County’s listing from its victim shaming website this morning, claiming the county had paid. law enforcement. They could release whatever data they have at any time.

Security

Security Ransomware IT Access

Unlocking the Platform Advantage in Security

Data Breach Today

OCTOBER 13, 2023

Not so long ago, security organizations rallied behind "best of breed" security solutions. But now, trying to reduce tech debt, rationalize tools and consolidate vendors, there is a push for the platform approach. Cisco's Amilcar Alfaro talks about how to tap into the platform advantage.

Security

1Password Acquires Kolide, Aiming to Enhance Device Security

Data Breach Today

FEBRUARY 20, 2024

1Password CEO Says Acquisition Will Help Customers Achieve Zero Trust Objectives Jeff Shiner, CEO of the popular password management company 1Password, said Monday that the company is acquiring leading device security platform Kolide in response to the "historic transformation of the workplace that demands transformative and intuitive new security (..)

Security

Security Passwords

Make Payment Optimization a Part of Your Core Payment Strategy

Everything you need to know about payment optimization – an easy-to-integrate, PCI-compliant solution that enables companies to take control of their PSPs, minimize processing costs, maximize approval rates, and keep control over their payments data.

SentinelOne to Bolster Cloud Security With PingSafe Buy

Data Breach Today

JANUARY 3, 2024

SentinelOne to Add CNAP Capabilities for 'Best of Breed' Security Platform Endpoint security firm SentinelOne is set to acquire PingSafe for an undisclosed sum of cash and stock.

Cloud

Cloud Security

Experts Say Chinese Safes Pose Risks to US National Security

Data Breach Today

MARCH 14, 2024

Senator Urges Government to Tell Public About Little-Known Manufacturer Reset Codes Experts told ISMG that Chinese-made locks and commercial safes could pose national security risks when used by major U.S.

Risk

Risk Manufacturing Security Government

Embracing Precision for Enhanced Security

Data Breach Today

NOVEMBER 9, 2023

Reconsidering the One-Size-Fits-All Healthcare Risk Analysis For over a decade, the HIPAA Security Rule has required covered entities and business associates to engage in risk analysis and management.

Security

Security Data breaches Risk IT

NIST Offers Concrete Steps for Secure Software Development

Data Breach Today

FEBRUARY 19, 2024

New Guidelines Include 'Absolutely Crucial' Steps to Enhance Security, Experts Say The National Institute of Standards and Technology issued new guidelines to help software developers integrate software supply chain security into every phase of the software development life cycle as experts say organizations are seeking comprehensive guidance on how (..)

Security

How to Package and Price Embedded Analytics

Just by embedding analytics, application owners can charge 24% more for their product. How much value could you add? This framework explains how application enhancements can extend your product offerings. Brought to you by Logi Analytics.

Analytics

Consumer IoT Security Labels: Transparency Push Intensifies

Data Breach Today

OCTOBER 25, 2023

Vendors Want 'Clear, Consistent and Actionable Information' for Device Security Essential, real-time security information about every Internet of Things device should be clearly communicated to consumers before and after purchase, a consortium of technology vendors says in a list of IoT security principles, which recommend the use of "live labels." (..)

IoT

IoT Security Communications

US, UK Cyber Agencies Spearhead Global AI Security Guidance

Data Breach Today

NOVEMBER 27, 2023

Global Cybersecurity Agencies Say 'Secure by Design' Is Key to AI Threat Mitigation Nearly two dozen national cybersecurity organizations on Sunday urged AI developers to embrace "secure by design" and other preventive measures aimed at keeping hackers out from the mushrooming world of AI systems.

Security

Security Cybersecurity IT

'Silver SAML' Haunts Entra ID SIngle Sign On Security

Data Breach Today

FEBRUARY 29, 2024

Moving From AFDS to Avoid 'Golden SAML' Wasn't A Cure-All A post-SolarWinds move away from Active Directory Federation Services to Azure AD - now known as Entra ID - didn't necessarily stop hackers from forging single sign on authentication messages, warn security researchers from Semperis, who unveiled an attack they dub "Silver SAML."

Security

Security Authentication

ISMG Editors: Identity Security Special

Data Breach Today

SEPTEMBER 1, 2023

Identity Security Expert Jeremy Grant on AI and Digital Identity Risks In the latest weekly update, Jeremy Grant of Venable joins three ISMG editors to discuss why the U.S. government is taking a back seat on digital identity issues, the risks of artificial intelligence, and takeaways from the U.S.

Artificial Intelligence

Artificial Intelligence Security Risk Government

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

Think your customers will pay more for data visualizations in your application? Five years ago they may have. But today, dashboards and visualizations have become table stakes. Discover which features will differentiate your application and maximize the ROI of your embedded analytics. Brought to you by Logi Analytics.

Analytics

Identity Security and How to Reduce Risk During M&A

Data Breach Today

APRIL 11, 2024

But what about the specific role of identity security? SailPoint's Lori Diesen showcases the value of transitioning to SaaS-based identity security to reduce risk during M&A activity. Cybersecurity occupies a growing priority status in merger and acquisition discussions.

Risk

Risk Security Cybersecurity

ISMG Editors: Emerging AI Tech for Cloud Security in 2024

Data Breach Today

JANUARY 26, 2024

Payments Expert Troy Leach Joins the Panel to Cover AI, Zero Trust and IoT Security In the latest weekly update, Troy Leach, CSO at Cloud Security Alliance, joins three editors at ISMG to discuss important cybersecurity issues, including how generative AI is enhancing multi-cloud security, AI's influence on authentication processes, and the state of (..)

Cloud

Cloud IoT Security Authentication

Mimecast Acquires Elevate Security to Address Human Risk

Data Breach Today

JANUARY 5, 2024

Company Plans to Enhance Digital Workplace Protection With Behavioral Analytics Mimecast announced the acquisition of human risk management solutions specialist Elevate Security as part of its initiative to enhance digital workplace protection.

Risk

Risk Analytics Security IT

Resilience: The New Priority for Your Security Model

Data Breach Today

JANUARY 25, 2024

Security leaders focus on protection and detection, but the new priority is resilience. A resilience strategy should "get the real 'ground truth' of what has happened" in the attack, said Brian Dye, CEO of Corelight, in this episode of "Cybersecurity Insights."

Security

Security Cybersecurity

5 Early Indicators Your Embedded Analytics Will Fail

Many application teams leave embedded analytics to languish until something—an unhappy customer, plummeting revenue, a spike in customer churn—demands change. But by then, it may be too late. In this White Paper, Logi Analytics has identified 5 tell-tale signs your project is moving from “nice to have” to “needed yesterday.".

Analytics

Identity Security Clinic

Feds Tackling Information Security in Government Procurement

Webinars

Trending Sources

OnDemand Panel | Securing Operational Excellence: Insights into Fortifying OT Security

Webinars

Why Endpoint Security Tools Are Still Such a Challenge

7 Pitfalls for Apache Cassandra in Production

Okta to Acquire Spera Security

Domain Name Security Challenges

CrowdStrike to Buy Israeli Data Defense Vendor Flow Security

Apple Sued for Prioritizing Market Dominance Over Security

Assess and Advance Your Organization’s DevSecOps Practices

CISA Launches New Efforts to Secure Open-Source Ecosystem

Ivanti Patches Critical Endpoint Security Vulnerability

AWS Snags Skyhigh's Gee Rittenhouse to Run Security Business

Nagomi Exits Stealth With $30M to Help Manage Security Risks

The Essential Guide to Building Analytic Applications

Zscaler Expands AI Security Capabilities by Acquiring Avalor

On Point: Offensive Security for Mobile Network Operators

API Security Trends: Collaborative Strategies for Leaders

Cisco Announces Isovalent Acquisition to Boost Security

The Essential Guide to Analytic Applications

Proof of Concept: Securing Elections in the Age of AI

Wyze Security Incident Exposes Private Cameras

BigID Raises $60M, Eyes M&A Around Data Security, Compliance

Synopsys Greenlights Sale of $525M Application Security Unit

The Next-Generation Cloud Data Lake: An Open, No-Copy Data Architecture

Microsoft's Latest Hack Sparks Major Security Concerns

Fulton County, Security Experts Call LockBit’s Bluff

Unlocking the Platform Advantage in Security

1Password Acquires Kolide, Aiming to Enhance Device Security

Make Payment Optimization a Part of Your Core Payment Strategy

SentinelOne to Bolster Cloud Security With PingSafe Buy

Experts Say Chinese Safes Pose Risks to US National Security

Embracing Precision for Enhanced Security

NIST Offers Concrete Steps for Secure Software Development

How to Package and Price Embedded Analytics

Consumer IoT Security Labels: Transparency Push Intensifies

US, UK Cyber Agencies Spearhead Global AI Security Guidance

'Silver SAML' Haunts Entra ID SIngle Sign On Security

ISMG Editors: Identity Security Special

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

Identity Security and How to Reduce Risk During M&A

ISMG Editors: Emerging AI Tech for Cloud Security in 2024

Mimecast Acquires Elevate Security to Address Human Risk

Resilience: The New Priority for Your Security Model

5 Early Indicators Your Embedded Analytics Will Fail

Stay Connected