Studies indicate that on average most enterprises use 25 to 49 security tools sourced from up to 10 different vendors. To make this environment easier to manage, CISOs should adopt an integrated approach driven by consolidation and automation, says Microsoft's Terence Gomes.
OT and SCADA security must be designed around protecting system availability, understanding OT-specific protocols and blocking attacks that target legacy systems commonly used in OT environments. CISO Hitesh Mulani of Mahindra & Mahindra shares advice on implementing OT security.
The business world is going through a phase of hyper transformation and hyper digitalization. So, the building blocks of a cybersecurity strategy are quite different from what they were a few years ago. CISOs now need to prioritize threats in the context of their businesses.
The increasing volume, frequency and sophistication of cyberattacks has made cyber resiliency a top priority for security leaders. But there are certain roadblocks to overcome before an organization can be cyber resilient, advise Samir Mishra and Navin Mehra of Cisco.
Prior to the COVID-19 pandemic, the roles and responsibilities of CISOs were centered around protecting IT infrastructure. Today, however, the role has changed and is closely aligned with the business and its associated risks. A CISO is also the custodian of digital trust and privacy.
A now-patched bug that caused OpenAI to take down the ChatGPT chatbot for nine hours on Monday also revealed the last four digits of payment cards, the company disclosed Friday. One user said he saw the history of another account including the topics "phobia of rats" and "sexist music video clips."
The United States sent its top cyber offensive team to NATO ally Albania to help secure the nation's critical infrastructure networks. The Cyber National Mission Force helped find cyberthreats and vulnerabilities on networks likely targeted last year by Iranian threat actors.
Every week, ISMG rounds up cybersecurity incidents in the world of digital assets. In focus between March 17 and 23: The New York State Department of Financial Services reminds BitPay that regulations exist. Also, Euler Finance, Gala Games, BitGo, ZenGo, General Bytes, Bitzlato and ParaSpace.
As threat actors increasingly target smaller and less-prepared businesses, CISOs should consider consolidating similar security technologies onto a single platform in order to maximize the defender's advantage, says Vijendra Katiyar, country manager for Trend Micro in India and the SAARC region.
As the human factor continues to drive data breaches, organizations need to be more cyber fusion-centric and deploy advanced AI-powered tools to predict threats. Harshil Doshi, country manager for Securonix in India and the SAARC region, discusses the future of SIEM technology.
Bitcoin ATM manufacturer General Bytes suspended its cloud services supporting more than 15,000 machines after a hacker exploited a vulnerability in its software to steal user passwords and private keys and made off with cryptocurrency worth millions of dollars.
Russia's invasion of Ukraine in 2022 threw Russia's cybercrime ecosystem into a state of upheaval that still exists to this day. "We identified disruptions to literally every single form of commodified cybercrime," said Alexander Leslie, associate threat intelligence analyst at Recorded Future.
Video piracy is a major concern for security teams in the media industry. Commander Praveen Kumar, global CISO of media conglomerate Zee Entertainment and winner of ISMG's Dynamic CISO Excellence Award for ROI Champion, shares his secret for reducing piracy by 85%.
ISMG presented the 2023 Dynamic CISO Award to Vaibhav Tole, director of global cybersecurity at Cyient, who developed skills internally and created a team to handle incident response in-house. ISMG caught up with Tole at the conference to understand how he is doing more with less these days.
Last year was another bonanza in zero-days for Chinese state hackers, say security researchers in a report predicting a permanent uptick in nation-state exploitation of yet-unpatched vulnerabilities. "Attackers seek stealth and ease of exploitation," writes cybersecurity firm Mandiant.