Latest

Endpoint Security

Vulnerabilities Identified in Baxter Infusion Pump Devices

Marianne Kolbasuk McGee  •  September 9, 2022

Vulnerabilities in certain medication infusion pump products from manufacturer Baxter could compromise a hospital's biomedical network. The flaws highlight the risks involving the acquisition and disposal of medical technology, says researcher Deral Heiland of Rapid7.

Governance & Risk Management

SMBs! Forget Retainer-based Security Assessments: Demand Funded POCs

Adam Mansour  •  September 8, 2022

A new delivery model is surfacing for various assessment services - one that is going to be bad for SMBs, whose options were already limited.

3rd Party Risk Management

The Key To Compliance? Third-Party Management

Tori Taylor  •  August 30, 2022

They’re necessary contributors to the business ecosystem, but there’s risk associated with third-party remote access, including bad actors lurking around every access point.

Next-Generation Technologies & Secure Development

The Value of Digital Transformation

Andrew Stevens  •  August 30, 2022

With the increase in remote workers and proliferation of uncontrolled devices, your IT team has been migrating applications to the cloud along with building cloud-native applications to support the speed needed by the business.

Cybercrime

Karma Calling: LockBit Disrupted After Leaking Entrust Files

Mathew J. Schwartz  •  August 23, 2022

Ransomware karma: The notorious LockBit 3.0 ransomware gang's site has been disrupted via a days-long distributed-denial-of-service attack, with administrator LockBitSupp reporting that it appears to be retribution for the gang leaking files stolen from a recent victim: security firm Entrust.

Electronic Healthcare Records

Evolving Ransomware Threats on Healthcare

Adam Mansour  •  August 22, 2022

While healthcare as an industry is being most targeted by ransomware, health or medical clinics are by far the hardest hit.

Breach Notification

Lack of Access Management Is Causing Data Breaches

Isa Jones  •  August 18, 2022

The costs of hacks are rising, the amount of ransomware is rising, and the number of organizations that have been breached will also rise unless organizations take action.

Next-Generation Technologies & Secure Development

How Code Hardening Enables Mobile App Developers to Meet OWASP MASVS Recommendations

Guardsquare  •  August 17, 2022

Why have attacks from rogue mobile apps grown by 49% in Q3?

Endpoint Detection & Response (EDR)

MDR vs Managed EDR: The Two Meanings of Managed

Adam Mansour  •  August 10, 2022

While Managed EDR can help in many endpoint scenarios, it’s important to be aware that going beyond the endpoint allows MDR and extended detection and response (XDR) to offer broader cybersecurity coverage.

Cloud Security

Netskope Expands Into Cloud Networking With Infiot Purchase

Michael Novinson  •  August 2, 2022

With its acquisition of Infiot, Netskope now carries both the networking and security technology needed to build a Secure Access Service Edge architecture following. The acquisition of Infiot's platform will allow Netskope customers to address both traditional and emerging SD-WAN use cases.

►

Endpoint Security

Profiles in Leadership: Sean Mack

Mathew J. Schwartz  •  July 25, 2022

Exploring new ways to offer security as a service from his organization to external customers is an exciting challenge and opportunity, says Sean Mack, CIO and CISO of publishing company Wiley. He also discusses aligning security investments with the company's biggest business risks and goals.

►

Events

Profiles in Leadership: Caleb Sima

Michael Novinson  •  July 11, 2022

It's not the emerging technology or the increasingly complex threat landscape. Instead, people and process are what prove to be consistently the most challenging parts of the job for Caleb Sima, chief security officer at Robinhood.