July 25, 2024 at 10:06AM Cybersecurity risks extend to operational technology (OT), often overlooked by IT and cybersecurity professionals. Lack of attention on OT attacks, such as those on critical infrastructure, highlights the need for better security measures. Proposed solutions include risk management, visibility, documentation, and secure remote access. Challenges persist due to limited tools, … Read more
July 24, 2024 at 05:58PM The global supply chain network has increased organizations’ interconnectedness, posing a higher risk of data breaches and security incidents involving third-party vendors. Research shows 98% of organizations have experienced third-party cybersecurity breaches in the past two years. Investments in third-party risk management programs are rising, with a focus on using … Read more
July 23, 2024 at 03:07PM CrowdStrike’s recent software update caused widespread disruptions, highlighting the need for greater resiliency in enterprise IT. The faulty update affected millions of Windows systems worldwide, leading to recovery challenges and additional threats from cyber actors. The incident prompted a congressional inquiry and raised questions about automatic software updates. Restoring impacted … Read more
July 19, 2024 at 10:05AM Organizations are increasing investments to combat cyber threats, but the human element remains a significant vulnerability. Traditional security awareness training isn’t sufficient, as individual risk levels vary. A tailored, data-driven approach is needed to identify high-risk employees and provide personalized security measures, enhancing both protection and the demonstration of investment … Read more
July 17, 2024 at 04:10PM QBE Insurance has unveiled QCyberProtect, a comprehensive global cyber policy offering tailored coverage for emerging cyber risks. The policy includes a network of cyber experts and QCyberPrepare, a risk management tool. Currently available in 10 countries, the policy will be launched in more countries. QBE North America, part of QBE … Read more
July 16, 2024 at 08:23AM Organizations are prioritizing resiliency, aiming to operate during attacks and recover swiftly. Poor communication between stakeholders hinders response and recovery. Cytactic, a new cybersecurity startup, offers a software-as-a-service platform to consolidate crisis readiness, response, and recovery, streamlining information sharing and decision-making. Gartner emphasizes the importance of synchronized incident response preparation … Read more
July 15, 2024 at 10:15AM Manufacturers face a pressing need to address cybersecurity, particularly as they are the primary target for ransomware threats. There’s a shortage of cybersecurity professionals, but manufacturers can enhance their defenses with adequate training and tools. Recognizing and responding to early warning signs of ransomware attacks is crucial, along with taking … Read more
July 10, 2024 at 10:04AM AI-powered meeting assistants promise increased productivity by recording video, transcribing audio, and providing analytics. However, businesses must consider the privacy and security risks of allowing AI assistants to eavesdrop on conversations and collect sensitive data. Legal requirements for consent vary, and proactive steps are necessary to mitigate risks and maintain … Read more
July 5, 2024 at 07:43AM The evolving attack surface poses a significant challenge to business security. Gartner introduced Continuous Threat Exposure Management (CTEM) as a solution, predicting 3 times less breaches for organizations that prioritize it. CTEM offers a comprehensive view of the attack surface, emphasizes vulnerability management and validation, and urges organizations to adapt … Read more
July 2, 2024 at 01:38PM Zero trust security is an effective cybersecurity approach addressing modern threats by continuously verifying and monitoring all network activities. Despite complexity and resource needs, it offers improved security posture and risk reduction. ISC2 members identified barriers to implementation including cultural shift, cost, complexity, and poor user experience. ISC2 offers zero … Read more