Homepage

Watch

Watch: Tackling the Log4j supplier threat

ciso stories

devops

Ransomware

Listen: Panelists discuss the cost of ransomware to the business

In this episode of the CISO Stories Podcast, a panel of experts examine the findings of a ransomware report and how organizations can better prepare to defend against and respond to the attacks.

“Cash Money (part two)” by jtyerse is licensed under CC BY-NC-ND 2.0

Compliance, emerging technology will fuel financial tech funding in 2022

Karen HoffmanJanuary 21, 2022

Financial firms and other equity partners will increasingly invest in financial technology firms, as they must mind their compliance demands in the coming year, according to industry experts.

Ransomware

Will ransomware gangs see flow of cash throttled by Russia cryptocurrency restrictions?

SC StaffJanuary 21, 2022

Russia's federal bank, the Bank of Russia, issued sweeping recommendations to restrict the local cryptocurrency ecosystem. With a substantial portion of the cybercriminal economy operating out of Russia, using cryptocurrency to transfer wealth, an unintended side effect of such laws may be to eliminate some of the comfort ransomware gangs have found in the region.

Leadership

What’s it mean? Making sense of Twitter’s decision to oust ‘Mudge’ Zatko and Rinki Sethi

Steve ZurierJanuary 21, 2022

Few details the circumstances of the departures were made available by Twitter, but security analysts considered it a somewhat surprising development because Zatko and Sethi had only been on the job since late 2020 — not long after Twitter’s widely reported hack that compromised the accounts of many celebrities, including then-presidential candidate Joe Biden. Some speculated that Agrawal was facing pressure from investors to do more about security.

Ransomware

Patient data stolen ahead of Memorial Health ransomware attack, EHR downtime

Jessica DavisJanuary 21, 2022

This week’s breach roundup is led by Memorial Health System’s confirmation that patient data was possibly stolen during a ransomware attack that led to care disruptions in August.

Privacy

IRS plans for facial recognition draw scrutiny from privacy, cybersecurity advocates

Derek B. JohnsonJanuary 21, 2022

An IRS plan to use ID.me and facial recognition software would represent "a massive expansion" of the federal government's (long and controversial) biometric surveillance record and carries real privacy and cybersecurity concerns, experts say.

Cybersecurity Asset Management

HHS shares Log4j remediation guide, urges healthcare to assume compromise

Jessica DavisJanuary 21, 2022

As all industries continue to struggle with Log4j remediation, HHS HC3 is urging the healthcare sector to assume systems have been compromised and to review new vulnerability guidance.

Legislation

Use FITARA law to measure government cybersecurity goals, experts say

Derek B. JohnsonJanuary 20, 2022

A law originally designed to push IT modernization in the federal government should be used to evaluate how agencies are meeting a number of government-wide cybersecurity goals, from modernization and supply chain threats to implementing post-quantum encryption protocols, experts told Congress.

Cybersecurity Asset Management

IV pumps riskiest healthcare IoT, while 50% of medical devices hold critical flaws

Jessica DavisJanuary 20, 2022

Cynerio’s healthcare IoT and medical device report reveals the most common vulnerabilities in the healthcare and hospital environments, stressing the need for network segmentation.

Identity and access

Spiking fraud will force financial industry to rethink authentication in 2022

Karen HoffmanJanuary 20, 2022

As financial fraud continues to climb, experts say that this year will force the industry to change its approach on many security fronts, especially authentication.

SC EVENTS

Coming Soon

Third-party Risk and the Supply Chain

Preventing Ransomware and Data Exfiltration

The Future of Identity & Access

Watch

Watch: Tackling the Log4j supplier threat

ciso stories

devops

Listen: Panelists discuss the cost of ransomware to the business

In Brief

Researchers detail fake Amazon scheme as scams seize on ‘crypto fever’

Red Cross breach could happen to any organization, security community warns

Fusion Connect acquired by Morgan Stanley

Philippines bank will no longer use clickable website links on promo materials

Critical vulnerabilities submissions increased 185% for financial sector in 2021

Perspectives

The combination of zero-trust with digital forensics offers a near-ironclad approach to insider activity

Four ways to shut the door on accounts payable fraud

Four cybersecurity trends for 2022

How DMARC can help prevent malicious email attacks

Burnout has reached crisis levels — but CISOs have the power to do something about it

Compliance, emerging technology will fuel financial tech funding in 2022

Will ransomware gangs see flow of cash throttled by Russia cryptocurrency restrictions?

What’s it mean? Making sense of Twitter’s decision to oust ‘Mudge’ Zatko and Rinki Sethi

Patient data stolen ahead of Memorial Health ransomware attack, EHR downtime

IRS plans for facial recognition draw scrutiny from privacy, cybersecurity advocates

HHS shares Log4j remediation guide, urges healthcare to assume compromise

Use FITARA law to measure government cybersecurity goals, experts say

IV pumps riskiest healthcare IoT, while 50% of medical devices hold critical flaws

Spiking fraud will force financial industry to rethink authentication in 2022