With new legal, contractual and cybersecurity requirements, the regulatory landscape is constantly changing on both local and national fronts. As a result, compliance can become increasingly difficult, leaving organizations with a certain amount of risk, said James Shreve, partner, Thompson Coburn.
Supply chain attacks once were the exclusive provenance of nation-state hackers, says Eric Foster, strategic advisor to Stairwell. But not anymore. "More and more of those are moving downmarket," he said. "These days every threat would qualify as an advanced and persistent threat."
The efficiency and unlimited scalability of cloud architectures are pushing companies towards the cloud, whether public, private, or hybrid solutions. Many organizations have developed plans to move their workloads to public clouds, but this move can bring out unexpected challenges. Without the right enterprise...
Every organization has a role in securing the nation and economy. Enterprises should invest in the right controls, partner with public agencies and prioritize security at the board level, advised Eric Goldstein, executive assistant director for cybersecurity of CISA.
While large conglomerates are uncertain about their future in an economically volatile world, AirAsia is paving the way to growth while staying digitally resilient through cybersecurity, according to Shyam Krishnamurthy, country head of AirAsia's Super App.
Healthcare entities need to think more strategically about managing risk by implementing a robust cybersecurity framework such as the National Institute of Standards and Technology's CSF, said Bob Bastani, cybersecurity adviser at the Department of Health and Human Services.
Supply chain risk has become more critical in the post-pandemic world, and that means you need to ask "much more focused, targeted questions" about your partners, according to Sawan Joshi, director of information security at Cervest, a climate intelligence startup.
Gartner predicts that by 2026 organizations that prioritize security investments through continuous exposure management will be three times less exposed to the risk of a breach. This approach enables a shift from reactive to proactive cybersecurity, with exposure management forming its foundation.
A cyber risk quantification startup backed by ex-Cisco CEO John Chambers has raised $50 million to apply ML technology and build more API adapters. The money will allow Safe Security to capitalize on generative AI to help nontechnical leaders better understand their organizations' security postures.
Effective security governance in a healthcare entity is a balancing act that requires sponsorship by top leadership and careful consideration of the concerns of clinicians and others in the organization, according to Eric Liederman and deputy CISO Steven Frank of Kaiser Permanente.
Healthcare entities of all types and sizes could be the next targets of major cybersecurity attacks, said Nitin Natarajan, deputy director of the Cybersecurity and Infrastructure Security Agency. Healthcare firms need to be vigilant against ransomware, DDoS and medical device breaches, he said.
A new Food and Drug Administration policy to "refuse to accept" premarket submissions for new medical devices if they lack of cybersecurity details will help substantially improve the state of legacy devices in the future, said the FDA's Dr. Suzanne Schwartz. Here's a look at the new requirements.
Improving IT operations can be a challenging task for organizations to handle.
With the ever-changing technology landscape, there is a continuous demand to keep systems updated and secure. However, meeting these demands can prove challenging. As organizations grow and their IT infrastructure becomes more...
While most organizations carry out risk assessments and cybersecurity audits, security practitioners need to go beyond these manual processes to ensure proper protection, says Angel Redoble, group CISO, PLDT Group. He recommends starting with identifying all of the potential attack entry points.
Microsoft has issued fixes for 114 vulnerabilities, including patching a zero-day flaw being actively exploited by a ransomware group and updating guidance to block a vulnerability from 2013 that was recently exploited for the software supply chain attack on 3CX users, attributed to North Korea.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.