The New CISO: Rethinking the Role

March 19, 2024 at 10:02AM

The evolving cybersecurity landscape is reshaping the responsibilities of CISOs. To adapt, they must meticulously create and document security protocols. Based on the meeting notes, it’s clear that the evolving cybersecurity landscape is impacting the role of the Chief Information Security Officer (CISO). The emphasis was put on the need …

UK Government Releases Cloud SCADA Security Guidance

March 18, 2024 at 11:03AM

The UK’s National Cyber Security Centre (NCSC) has released guidance for organizations using operational technology (OT) to assess the potential migration of their supervisory control and data acquisition (SCADA) systems to the cloud. The guidance highlights the need for a risk-based decision, considering unique technical requirements and the increased cybersecurity …

150K+ UAE Network Devices & Apps Found Exposed Online

March 14, 2024 at 01:05AM

The UAE’s increasing adoption of IT and operational technology has expanded its attack surface, leading to nearly 155,000 vulnerable assets due to misconfigurations and insecure applications. CPX’s “State of the UAE Cybersecurity Report 2024” emphasizes the need for a unified approach to improve national infrastructure and cybersecurity, amidst growing threats …

Ivanti Breach Prompts CISA to Take Systems Offline

March 11, 2024 at 05:40PM

CISA officials reported a breach by threat actors who exploited Ivanti product vulnerabilities in February. Suspicious activity was discovered in two systems, the Infrastructure Protection Gateway and Chemical Security Assessment Tool, prompting CISA to recommend reviewing its advisory on three Ivanti vulnerabilities. The incident also exposed the failure of Ivanti …

Cyber Insights 2024: A Dire Year for CISOs?

March 7, 2024 at 07:51AM

SecurityWeek’s Cyber Insights 2024 addresses cybersecurity issues impacting CISOs, anticipating a rise in criminal liability. Growing threats and stress exacerbate burnout risks. SEC’s stringent rules and potential liability curveball will test CISO roles, leading to potential exodus. Challenges lie in defining ‘material’ cybersecurity incidents, personal liability, and CISO’s combined roles. …

US Government Expands Role in Software Security

February 28, 2024 at 06:10PM

The Biden administration is urging closer public-private partnerships to strengthen US information-technology infrastructure, advocating for memory-safe programming languages and improved ways to measure software security. The focus is on shifting responsibilities for defending cyberspace and incentivizing companies to invest in cybersecurity. The efforts aim to enhance the nation’s cybersecurity and …

Gulf Region Accelerates Adoption of Zero Trust

February 26, 2024 at 01:49PM

Zero-trust security adoption is set to rise tenfold in the Gulf region by 2025, with finance and oil and gas sectors leading. Current predictions suggest 10% of large enterprises will have a mature zero-trust program by 2025, driven by the need for robust security in a region experiencing increased cyberattacks. …

US Government Issues Guidance on Securing Water Systems

February 22, 2024 at 09:15AM

The US government released new guidance for water and wastewater sector entities to improve cyber resilience. The document, “Top Cyber Actions for Securing Water Systems,” includes instructions and free resources to assess and enhance security posture. It advises reducing internet exposure, conducting regular assessments, improving password hygiene, inventorying assets, updating …

Podcast: Palo Alto Networks Talks IT/OT Convergence

January 31, 2024 at 12:48PM

In a podcast, SecurityWeek’s Ryan Naraine interviews Del Rodillas of Palo Alto Networks on integrating IT and OT in the ICS threat landscape. They cover evolving cyber resilience, the challenges of merging IT and OT governance, process integrations for security strategy, consolidated tech stacks, and the role of next-generation firewalls …

Cohesity Research Reveals Most Companies Pay Millions in Ransoms

January 30, 2024 at 05:02PM

Cohesity’s research reveals the prevalence of cyberattacks, leading companies to break ‘do not pay’ policies due to data recovery deficiencies. The study of 900+ IT and Security decision-makers shows a grim outlook for cyberattacks, with 79% being victims of ransomware. Companies require over 24 hours for data recovery, leading to …