10 Security Metrics Categories CISOs Should Present to the Board

February 15, 2024 at 08:29AM Due to increased SEC regulations, companies are under pressure to enhance transparency and speed up breach disclosure in cybersecurity reporting. Boards are demanding more rigorous tracking of KPIs and KRIs, operational metrics, and asset and security performance indicators. The book, “The Cyber Savvy Boardroom,” co-authored by Homaira Akbari and Shamla …

Prudential Files Voluntary Breach Notice With SEC

February 14, 2024 at 04:14PM Prudential Financial disclosed a data breach after detecting unauthorized access to its systems by a cybercrime group. The move is seen as a proactive response to the new SEC incident-disclosure rules. While the impact is yet to be determined, experts suggest it’s a strategic effort to mitigate reputational and financial …

Why Are Compromised Identities the Nightmare to IR Speed and Efficiency?

February 12, 2024 at 05:39AM This article discusses the challenges associated with Incident Response (IR) and the critical role of identifying compromised user accounts in containing and mitigating cyber attacks. It introduces Silverfort’s Unified Identity Protection Platform, highlighting how its real-time Multi-Factor Authentication (MFA) and identity segmentation address blind spots and accelerate the IR process, …

How the SEC’s Rules on Cybersecurity Incident Disclosure Are Exploited

February 5, 2024 at 10:22AM Data security remains a top challenge for businesses, with a rise in vulnerabilities and cyberattacks. The SEC’s new rules for publicly traded companies aim to address this, but threat actors are finding ways to exploit them, as seen in a recent ransomware incident. Public companies must prioritize cybersecurity, have robust …

Hands-On Review: SASE-based XDR from Cato Networks

February 5, 2024 at 08:45AM XDR platforms help companies detect threats by correlating indicators from security domains. Cato Networks’ “SASE-based” XDR leverages native sensors to provide detailed threat analysis. Through intuitive dashboards, analysts can assess and mitigate threats, ultimately simplifying incident response. Cato’s streamlined approach demonstrates a commitment to enhancing threat detection and response capabilities. …

CMMC Is the Starting Line, Not the Finish

February 1, 2024 at 10:09AM The Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) is a significant nudge for companies in the defense industrial base and critical infrastructure to enhance cybersecurity. However, achieving CMMC compliance alone may not safeguard against sophisticated threats such as China’s PLA Unit 61398. To truly protect against cyber threats, companies …

Johnson Controls Ransomware Cleanup Costs Top $27M and Counting

January 31, 2024 at 04:51PM Johnson Controls International (JCI) spent $27 million remediating a September 2023 ransomware attack on its systems, which threatened physical security according to government officials. The attack locked up IT infrastructure and allowed data exfiltration. JCI’s incident management and response plan, along with external cybersecurity specialists, helped restore affected systems. The …

Dubai Cyber Force Names First Accredited Companies

January 31, 2024 at 11:00AM Eight companies, including Crowe Indonesia Teknologi and Grant Thornton Consulting CJSC, have attained accreditation as cybersecurity service providers for Dubai’s “Cyber Force” initiative. The initiative, in collaboration with CREST and Dubai’s Electronic Security Center, aims to enhance cybersecurity measures and make Dubai the safest city in the digital space. Initially, …

How to Align Your Incident Response Practices With the New SEC Disclosure Rules

January 31, 2024 at 07:42AM Summary: Publicly traded organizations must comply with the SEC incident disclosure regulations by reporting cyber incidents deemed “material” within four business days. The new rules stress the importance of well-practiced IR programs and comprehensive cyber IR plans. However, traditional IR simulations can be challenging and costly, prompting the need for …

Subway Puts a LockBit Investigation on the Menu

January 23, 2024 at 03:56PM Subway is investigating claims by the LockBit 3.0 ransomware gang that they’ve breached the company’s internal system and plan to sell the data unless a ransom is paid. This potential shift in LockBit’s targets raises concerns, as they typically focus on midsize or small companies. Experts recommend implementing robust cybersecurity …