This site uses cookies to improve your experience. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country, we will assume you are from the United States. Select your Cookie Settings or view our Privacy Policy and Terms of Use.
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Used for the proper function of the website
Used for monitoring website traffic and interactions
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Strictly Necessary: Used for the proper function of the website
Performance/Analytics: Used for monitoring website traffic and interactions
GSA Establishes Framework for Security Regulations Covering Federal Acquisitions The federal government aims to streamline its information security and supply chain security procurement policies as part of an effort to better safeguard federal systems.
Also: Dealing With COVID-19 Business Recovery; Zynga Case Goes to Arbitration In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including improving federal agencies' cybersecurity and businesses recovering from the pandemic's impact.
Security Directive Issued Following Colonial Pipeline Ransomware Attack The Department of Homeland Security has issued a cybersecurity directive that requires the operators of oil and gas pipelines to report ransomware attacks and other security incidents to the government and take other security steps.
Stormshield Is a Major Supplier of Security Products to the French Government French security vendor Stormshield has launched an investigation after an internal review found that hackers accessed the source code of the company's network security product.
Cybersecurity Experts Say Operatives Probably Intercepted Physical Supply Chain It doesn't appear to be a cyberattack, security experts said of the hundreds of pagers that blew up Tuesday across Lebanon, an apparent salvo against Hezbollah militants by the Israeli government.
Cites Need to Secure Privately Owned Critical Infrastructure, Signs Proclamation As Cybersecurity Awareness Month kicks off this week, U.S. President Joe Biden has weighed in on his administration's efforts to curb cyberattacks and bolster the federal government'ssecurity posture.
Federal Civilian Agencies 'Are Likely to Resist This Dramatic Change,' Report Says A study of federal governmentcybersecurity suggests the Department of Homeland Security could play a more prominent role in securing civilian networks, in a report that touts a "more centralized defensive strategy."
Cybersecurity and Infrastructure Security Agency is warning about a recent spike in Emotet botnet attacks - designed to spread other malware - that are targeting state and local government agencies. Botnet Called 'One of the Most Prevalent Ongoing Threats' The U.S.
Order Emphasizes Partnerships, IT Modernization and Supply Chain Security President Joe Biden signed an extensive executive order Wednesday, detailing the government's plan to increase cybersecurity protection across the public and private sectors, as well as securing the nation's infrastructure against the type of attack that targeted SolarWinds and (..)
Vulnerabilities Exploited Include a Zero-Day in Ivanti's Pulse Connect Secure The U.S. Cybersecurity and Infrastructure Security Agency, Ivanti and FireEye report that U.S.
More Layers of Security Anticipated for Government Websites The Cybersecurity and Infrastructure Security Agency will take over the day-to-day management of the official.gov top-level domain in April, adding a greater emphasis on security for the domains used for government websites.
Cybersecurity and Infrastructure Security Agency hopes to expand voluntary information sharing between the federal government and open-source software operators with a series of actions the agency announced following a two-day open-source security summit held at its Virginia headquarters.
Advisory Urges Multifactor Authentication, Network Segmentation, Patching and More The pace of Conti ransomware attacks has been increasing, with more than 400 organizations globally having fallen victim, warns a joint cybersecurity advisory from the U.S.
The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. “A nurse or doctor can’t do what we do, and we can’t do what they do,” Espinosa said.
GAO Offers Recommendations to Improve Space Agency's Cyber Protections A government watchdog is urging NASA to make multiple improvements to its cybersecurity and risk management policies to counter threats to the space agency's network, infrastructure and data.
Sizing Up Efforts at the State and Local Level to Enhance Protections State and local governments are better equipped to ensure election security than they were four years ago, says Christopher Krebs, director of CISA, who calls on election officials to serve as "risk managers."
Agencies Offer Advice on Minimizing Attack Surface In a bid to address security risks associated with the use of virtual private network solutions, the National Security Agency and the Cybersecurity and Infrastructure Security Agency on Tuesday offered government leaders guidance on selecting remote access VPNs and strengthening their security.
It’s no secret that cybersecurity roles are in high demand. Today there are more than 500,000 open cybersecurity roles in the U.S., These individuals have many transferable skills that would make cybersecurity a prosperous civilian career. This experience can also be helpful when training cybersecurity talent.
Tips for Finding and Getting Security Jobs in a Global Market Organizations ranging from multinational corporations to government agencies and international nonprofits require cybersecurity expertise.
and Europe that could regulate AI, recent developments within the EU cybersecurity and privacy policy arena, and the disparities between the perspectives of business leaders and cybersecurity leaders on the security landscape.
In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. The company has operations in 25 countries, more than 4,000 employees, and billions in revenue annually. Acting on a tip from Milwaukee, Wis.-based
government released voluntary guidance intended to help artificial intelligence developers and vendors protect models from hacking and potential sabotage. Companies should strengthen supply chain security and decrease risks from vulnerable AI systems to customers, such as data loss.
New Law Calls for Better Reporting, Securing Devices and Critical Infrastructure The Australian government's proposed cybersecurity legislation passed both houses of the Parliament on Monday, formalizing the government's strategy to boost ransomware payment reporting, mandate basic cybersecurity standards for connected devices and enhance critical (..)
Report on Canceled VA Project Offers Governance Lessons for Others The Department of Veterans Affairs’ watchdog agency alleges that two VA employees “concealed” and “mispresented” the cybersecurity and privacy risks of an ambitious "big data" project that would have analyzed 22 million veterans’ health records dating back two decades.
Alejandro Mayorkas: ‘Cybersecurity of Our Nation Will Be One of My Highest Priorities’ Alejandro Mayorkas, the newly confirmed secretary of the Department of Homeland Security, says his initial priorities include reviewing all available intelligence on the SolarWinds supply chain hack and scrutinizing the government'scybersecurity programs.
Nikita Kislitsin , formerly the head of network security for one of Russia’s top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. Nikita Kislitsin, at a security conference in Russia. Department of Justice. “The company is monitoring developments.”
agencies to address hard problems like quickly writing secure code but comes with risks around nation-states generating attacks more efficiently. The cybersecurity element is a great example of the bright and the dark side of AI technology," said White House Director Arati Prabhakar.
The National Institute of Standards and Technology (NIST) has updated their widely used Cybersecurity Framework (CSF) — a free respected landmark guidance document for reducing cybersecurity risk. It seeks to establish and monitor your company’s cybersecurity risk management strategy, expectations, and policy. The CSF 2.0
Stephen Doughty Says Cybersecurity Vital to National And Economic Security The British government will continue disruptive actions against ransomware and malware operators, a top U.K. government official vowed Wednesday. government views security as a core pillar of economic and strategic growth.
Trading Bloc Reaches Political Agreement on the Cyber Solidarity Act The European Parliament and the council of direct European national governments reached a political agreement Tuesday on a proposal that seeks to improve trading bloc cybersecurity.
On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange. Speaking on condition of anonymity, two cybersecurity experts who’ve briefed U.S.
At the start of this year, analysts identified a number of trends driving the growth of cybersecurity. Among them: an expanding digital footprint, growing attack surfaces, and increasing government regulation. billion in venture capital poured into cybersecurity companies globally. Securing APIs. Leveraging data science.
Businesses, Agencies The hacking group "Pioneer Kitten," which has suspected ties to the Iranian government, is taking advantage of several unpatched vulnerabilities and using open source tools to target U.S. businesses as well as federal government agencies, according to the Cybersecurity and Infrastructure Security Agency.
Parties Vow to Continue Negotiations Time ran out for a non-binding takeover bid from the French government for the cybersecurity business of beleaguered Parisian IT consultancy Atos. Among the world's largest manage security service providers, the financially-struggling firm is strategically important to the French government.
“We must care as much about securing our systems as we care about running them if we are to make the necessary revolutionary change.” What kind of security failures created an environment that allegedly allowed a former CIA employee to exfiltrate so much sensitive data? Moving too slowly to enact key security safeguards.
Finally, Uncle Sam is compelling companies to take cybersecurity seriously. Cybersecurity Maturity Model Certification version 2.0 could take effect as early as May 2023 mandating detailed audits of the cybersecurity practices of any company that hopes to do business with the Department of Defense. Auditable reviews.
CISA Acting Director and Federal CISO Tell Senate of Need for a New Government Strategy The SolarWinds supply chain attack should push federal government agencies to adopt the "zero trust" model and deploy better endpoint detection and response tools, according to the new federal CISO and the acting director of the U.S.
federal watchdog said government agencies could better synchronize efforts to improve water and wastewater sector cybersecurity efforts and faulted the Cybersecurity and Infrastructure Security Agency for not coordinating well with the Environmental Protection Agency.
Here’s the final installment of leading technologists sharing their observations about cybersecurity developments in the year that’s coming to a close — and the year to come. Consumers will begin to see their favorite applications touting “quantum-secure encryption.” Executive Order 14028 , across the globe.
A new data leak that appears to have come from one of China’s top private cybersecurity firms provides a rare glimpse into the commercial side of China’s many state-sponsored hacking groups. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”
The new guidelines state that prosecutors should avoid charging security researchers who operate in “good faith” when finding and reporting vulnerabilities. ” What constitutes “good faith security research?” ” The new DOJ policy comes in response to a Supreme Court ruling last year in Van Buren v.
Such consolidation across markets is good news for customers and vendors alike in terms of market growth and maximizing security investments. Throughout this period, the risk level of the acquirer is much higher than the acquired company, creating a major cybersecurity gap as they merge their tech stack and security tools together.
We organize all of the trending information in your field so you don't have to. Join 55,000+ users and stay up to date on the latest articles your peers are reading.
You know about us, now we want to get to know you!
Let's personalize your content
Let's get even more personalized
We recognize your account from another site in our network, please click 'Send Email' below to continue with verifying your account and setting a password.
Let's personalize your content