July 10, 2024 at 07:48AM The author reflects on their 100 columns for SecurityWeek and the lack of progress in cybersecurity. They note the increasing frequency and severity of cyber breaches and emphasize the human element in security vulnerabilities. They advocate for enhancing identity management, endpoint security, cloud and supply chain risk management, risk-based prioritization, … Read more
May 23, 2024 at 07:22AM The text discusses the rising concerns around deepfake technology and its potential to deceive through audio and video manipulation. As deepfakes pose a threat to various sectors and can exacerbate disinformation campaigns, security teams are encouraged to adopt a Zero Trust Approach and consider AI labeling as a strategy. The … Read more
March 18, 2024 at 11:03AM The UK’s National Cyber Security Centre (NCSC) has released guidance for organizations using operational technology (OT) to assess the potential migration of their supervisory control and data acquisition (SCADA) systems to the cloud. The guidance highlights the need for a risk-based decision, considering unique technical requirements and the increased cybersecurity … Read more
December 18, 2023 at 10:05AM The SolarWinds attack in December 2020 compromised 18,000 organizations and revealed vulnerabilities in supply chain security. Recent developments highlight SolarWinds’ breach detection timeline and resulted in legal action. Regulators are pursuing improved security practices, and governments and organizations are working together to strengthen cybersecurity frameworks, promote information sharing, and prioritize … Read more
October 16, 2023 at 08:35PM Connected medical devices are vulnerable to cyber attacks, endangering patient data and operations. Palo Alto Networks found that 75% of infusion pumps had at least one security flaw. Hospitals can enhance defenses by maintaining visibility of assets, identifying device exposures, implementing a zero trust approach, using virtual patching for legacy … Read more