Latest

Cloud Security

How to Achieve Cloud Security and Visibility Through Threat Detection

Tom Field  •  October 21, 2022

Russell Shupert of Veeva Systems explains the challenges faced in securing a complex environment. He discusses how his team overcame these challenges, the benefits they achieved and how Threat Stack's Cloud Workload Protection and Application Infrastructure Protection tool helped along the way.

►

3rd Party Risk Management

What to Do Based on 2022: Expert Analysis of TPSRM Survey

Tony Morbin  •  September 21, 2022

From SolarWinds to Kaseya, Accellion, Log4j and Okta, third-party security breaches are among the most devastating for organizations affected. Tony Morbin of ISMG dives into the story behind the results of a global survey with Demi Ben-Ari, the co-founder, CTO and head of security at Panorays.

3rd Party Risk Management

What Industry Is Most Vulnerable to a Cyberattack?

Tori Taylor  •  September 13, 2022

The data shows that every industry contains vulnerabilities and strengths, but there are a few standout points to consider.

Next-Generation Technologies & Secure Development

Hybrid Cloud Changes the Game for Security

Andrew Stevens  •  September 12, 2022

Embracing new technologies to gain benefits such as increased agility and rapid application delivery makes good business sense, but existing architectures also need to be maintained and secured to protect the critically important data residing on server workloads across the hybrid cloud.

Endpoint Security

Vulnerabilities Identified in Baxter Infusion Pump Devices

Marianne Kolbasuk McGee  •  September 9, 2022

Vulnerabilities in certain medication infusion pump products from manufacturer Baxter could compromise a hospital's biomedical network. The flaws highlight the risks involving the acquisition and disposal of medical technology, says researcher Deral Heiland of Rapid7.

Governance & Risk Management

SMBs! Forget Retainer-based Security Assessments: Demand Funded POCs

Adam Mansour  •  September 8, 2022

A new delivery model is surfacing for various assessment services - one that is going to be bad for SMBs, whose options were already limited.

Next-Generation Technologies & Secure Development

The Value of Digital Transformation

Andrew Stevens  •  August 30, 2022

With the increase in remote workers and proliferation of uncontrolled devices, your IT team has been migrating applications to the cloud along with building cloud-native applications to support the speed needed by the business.

3rd Party Risk Management

The Key To Compliance? Third-Party Management

Tori Taylor  •  August 30, 2022

They’re necessary contributors to the business ecosystem, but there’s risk associated with third-party remote access, including bad actors lurking around every access point.

Cybercrime

Karma Calling: LockBit Disrupted After Leaking Entrust Files

Mathew J. Schwartz  •  August 23, 2022

Ransomware karma: The notorious LockBit 3.0 ransomware gang's site has been disrupted via a days-long distributed-denial-of-service attack, with administrator LockBitSupp reporting that it appears to be retribution for the gang leaking files stolen from a recent victim: security firm Entrust.

Electronic Healthcare Records

Evolving Ransomware Threats on Healthcare

Adam Mansour  •  August 22, 2022

While healthcare as an industry is being most targeted by ransomware, health or medical clinics are by far the hardest hit.

Breach Notification

Lack of Access Management Is Causing Data Breaches

Isa Jones  •  August 18, 2022

The costs of hacks are rising, the amount of ransomware is rising, and the number of organizations that have been breached will also rise unless organizations take action.

Next-Generation Technologies & Secure Development

How Code Hardening Enables Mobile App Developers to Meet OWASP MASVS Recommendations

Guardsquare  •  August 17, 2022

Why have attacks from rogue mobile apps grown by 49% in Q3?