Information Security - Information Management Today

Feds Tackling Information Security in Government Procurement

Data Breach Today

APRIL 1, 2024

GSA Establishes Framework for Security Regulations Covering Federal Acquisitions The federal government aims to streamline its information security and supply chain security procurement policies as part of an effort to better safeguard federal systems.

Information Security

Information Security Government Security Cybersecurity

On the Future of Cybersecurity in Hybrid Cloud Environments

Data Breach Today

JUNE 12, 2024

An Interview with Gigamon's Chief Security Officer, Chaim Mazal Chief Information Security Officers (CISOs) face unprecedented challenges in their efforts to protect their organizations against a rising tide of increasingly sophisticated cyberthreats.

Cloud

Cloud Cybersecurity Information Security Security

Cybersecurity Trends to Watch in 2024

Data Breach Today

JANUARY 1, 2024

Expert Panelists Debate Impact of AI, Geopolitics and New Tactics in the Year Ahead In conjunction with a new report from CyberEd.io, Information Security Media Group asked some of the industry's leading cybersecurity and privacy experts about 10 top trends to watch in 2024.

Cybersecurity

Cybersecurity Ransomware Information Security Privacy

Chinese Hacking Contractor iSoon Leaks Internal Documents

Data Breach Today

FEBRUARY 20, 2024

Company Mainly Hacked for the Ministry of Public Security An apparent leak of internal documents from a Chinese hacking contractor paints a picture of a disaffected, poorly paid workforce that nonetheless penetrated multiple regional governments and possibly NATO.

Information Security

Information Security Government Security

First American Financial's SEC Breach Settlement: $488,000

Data Breach Today

JUNE 21, 2021

Information security staff members were aware of the vulnerability in the company's EaglePro document-sharing system for five months but failed to fix it, the SEC reports. SEC: Executives Left in Dark About Vulnerability in File-Sharing System Title insurance company First American Financial Corp.

Insurance

Insurance Data breaches Information Security Security

Canada East Summit: From Ransomware to Growing CISO Liability

Data Breach Today

OCTOBER 7, 2024

Canadian Cybersecurity Leaders Brace for Changing Security Landscape and Regulations At the recent Cybersecurity Summit: Canada East, hosted by Information Security Media Group, cybersecurity leaders, industry experts and top executives discussed the surge in ransomware attacks, the integration of AI into security frameworks and growing personal liability (..)

Ransomware

Ransomware Cybersecurity Information Security Security

Inside CISA's Unprecedented Election Security Mission

Data Breach Today

SEPTEMBER 2, 2024

CISA 'Committing More Resources Than Ever Before' to Election Infrastructure The Cybersecurity and Infrastructure Security Agency told Information Security Media Group it is in the process of carrying out its most expansive national effort to secure election infrastructure across the country ahead of the upcoming November election.

Security

Security Information Security Cybersecurity IT

ISMG Editors’ Panel: Challenges for New CISA Leader

Data Breach Today

JULY 16, 2021

Discussion Also Tackles Vendor Security Issues In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the challenges ahead for the new director of the U.S.

Cybersecurity

Cybersecurity Information Security Risk Security

ISMG Editors: Opening Day Overview of InfoSec Europe 2024

Data Breach Today

JUNE 5, 2024

Panel Discusses Trends in Ransomware, Application Security and Generative AI Information Security Media Group editors are live at InfoSecurity Europe Conference 2024 in London with an overview of opening-day activities and hot topics including the latest ransomware trends, software security, election security and artificial intelligence risks.

Artificial Intelligence

Artificial Intelligence Ransomware Information Security Risk

ISMG Editors: Our Pledge to You in a New Era of Journalism

Data Breach Today

MARCH 8, 2024

healthcare sector, Palo Alto's strategic pivot and its far-reaching implications for the industry, and new developments in tech and journalism at Information Security Media Group.

Information Security

Information Security Security IT

Why HHS' Cybersecurity Goals Aren't Necessarily Voluntary

Data Breach Today

MARCH 14, 2024

Healthcare sector organizations need to focus their attention on meeting the "voluntary" essential and enhanced cybersecurity performance goals set out by federal regulators before they become potential mandates, said Kate Pierce, virtual information security officer at Fortified Heath Security.

Cybersecurity

Cybersecurity Information Security Security

Key Federal Cyber Panel to Probe Chinese Telecoms Hacking

Data Breach Today

OCTOBER 28, 2024

Cyber Safety Review Board to Examine Beijing-Linked Telecom Breaches A key federal cybersecurity panel will investigate Chinese-linked hacks into United States telecom networks and wiretapping infrastructure amid growing concerns of vulnerabilities embedded into the nation's communications infrastructure, an official told Information Security Media (..)

Communications

Communications Information Security Cybersecurity Security

CISOs: Make Sure Your Team Members Fit Your Company Culture

Data Breach Today

MARCH 22, 2024

Because 'Culture Eats Strategy for Breakfast,' as the Saying Goes Chief information security officers are challenged with building high-functioning cybersecurity teams amid an impossible labor and skills market.

Marketing

Marketing Information Security Cybersecurity Security

Anonymous Reportedly Hacked Russian Energy Firm Rosneft

Data Breach Today

MARCH 15, 2022

Report: Business Operations Unaffected, Despite Some Disruption International hacking collective Anonymous reportedly hacked the German subsidiary of Russian energy company Rosneft on Monday, die Welt newspaper says, citing the country's cybersecurity watchdog, the Federal Office for Information Security.

Information Security

Information Security Cybersecurity Security

Denial-of-Service Attack Could Put Servers in Perpetual Loop

Data Breach Today

MARCH 21, 2024

Researchers at the CISPA Helmholtz Center for Information Security say attackers are using IP spoofing to entangle two servers in a perpetual communication loop.

Communications

Communications Information Security Risk Security

Sustaining Institutional Knowledge as ICT Landscapes Evolve

Data Breach Today

MAY 20, 2024

Here are several strategies and practices chief information security officers and chief information officers can use to maintain institutional knowledge.

Information Security

Information Security Security

Large Language Models: Moving Past the Early Stage

Data Breach Today

JANUARY 3, 2024

For cybersecurity professionals, these are "exciting times we live in," said Dan Grosu, CTO and CISO at Information Security Media Group. AI, machine learning and large language models are not new, but they are coming to fruition with the mass adoption of generative AI.

Information Security

Information Security Cybersecurity Security

Amazon CISO Amy Herzog on Embedding Security in Ring, Alexa

Data Breach Today

OCTOBER 2, 2024

How Amazon Accelerates Product Development While Securing Customer Data Amy Herzog, chief information security officer for Ads and Devices at Amazon, shares how her cybersecurity team accelerates product development by integrating security from the start to secure customer data on popular consumer devices like Ring and Alexa.

Security

Security Information Security Cybersecurity

Twitter Security Allegations: Cybersecurity Experts Respond

Data Breach Today

AUGUST 24, 2022

Takeaway: Behind-the-Scenes Security Reality at Well-Known Brands Not Always Pretty Cybersecurity experts have been reacting to industry veteran Peiter Zatko's allegations of poor information security practices at Twitter, with many noting that he's hardly the first expert to have been hired to remedy serious problems, only to say they were prevented (..)

Cybersecurity

Cybersecurity Security Information Security

China Denies Banning Government Use of Apple iPhones

Data Breach Today

SEPTEMBER 14, 2023

China Cites Apple Security Flaws in Warning to Foreign Mobile Device Manufacturers China hasn't ordered any restrictions on the use of Apple iPhones by government agencies, according to a Chinese government spokesperson, but the official cited recent security flaws in the iPhone and warned that foreign mobile device manufacturers must abide by domestic (..)

Government

Government Manufacturing Information Security Security

Microsoft CISO, Deputy CISO Reassigned in Management Shakeup

Data Breach Today

DECEMBER 7, 2023

Former Bridgewater CTO Igor Tsyganskiy Named CISO in Wake of Chinese Email Hack Microsoft has demoted its CISO after 14 years on the job, reassigned its deputy CISO and named Igor Tsyganskiy - a former CTO at Bridgewater Associates who just joined Microsoft four months ago as chief strategy officer - as its new chief information security officer.

Information Security

Information Security Security IT

ISMG Editors: What Did the Sam Altman-OpenAI Saga Teach Us?

Data Breach Today

DECEMBER 1, 2023

Also: ChatGPT Turns 1 Year Old; Police Nab Ransomware Gang Chief in Ukraine In the latest weekly update, four editors at Information Security Media Group discuss Sam Altman and OpenAI's brief leadership nightmare, the state of generative AI one year after the general release of ChatGPT, and how police nabbed a suspected ransomware group ringleader (..)

Ransomware

Ransomware Information Security Security

Ohio Community College Data Theft Breach Affects Nearly 300K

Data Breach Today

SEPTEMBER 21, 2023

Researchers Say Breach Illustrates Why Schools Are Major Targets for Cybercriminals An Ohio community college is notifying 290,000 people of a data theft breach this spring that may have compromised their personal and health information. Security researchers say small schools such as this are now favored targets.

Information Security

Information Security Security

London Cybersecurity Summit Spotlights AI and Ransomware

Data Breach Today

SEPTEMBER 26, 2023

Experts Emphasize Proactive Security Measures and Resilience to Mitigate Threats Information Security Media Group recently concluded its Cybersecurity Summit: London, which brought together industry leaders for a day of informative sessions covering a diverse range of critical cybersecurity topics, including CISOs' vulnerability to liability, ransomware (..)

Cybersecurity

Cybersecurity Ransomware Information Security Security

Northern Ireland's Police Service to Revamp Cybersecurity

Data Breach Today

DECEMBER 12, 2023

Independent Review Issues 37 Recommendations to Police Service of Northern Ireland Following an information security breach rated as the worst in U.K.

Cybersecurity

Cybersecurity Information Security Security

ISMG Editors: Latest Updates on AI Tech, Regulations

Data Breach Today

NOVEMBER 10, 2023

Also: Key Takeaways From UK AI Summit; Security Insights From India In the latest weekly update, editors at Information Security Media Group discuss the shaping of responsible artificial intelligence governance, major takeaways from the U.K.

Artificial Intelligence

Artificial Intelligence Information Security Government Security

Mapping the Unseen Vulnerabilities of Zombie APIs

Data Breach Today

DECEMBER 5, 2023

Joshua Scott, head of information security and IT at API platform Postman, says businesses need to identify "what is critical to the business and map backward." Zombie APIs are becoming more common, just because of the sheer number APIs and third-party vendors that organizations rely on.

Information Security

Information Security Security IT

More Mobile Devices, More Problems, Security Survey Finds

Data Breach Today

AUGUST 4, 2022

Verizon Business Finds That Companies Still Struggle to Secure Employee Devices The era of pandemic-induced telework is also the era of higher reliance on mobile devices for sensitive workplace information - meaning we're likewise living in the age of fretful chief information security officers, a new survey concludes.

Security

Security Information Security

How the Paris Olympics Survived Unprecedented Cyberthreats

Data Breach Today

AUGUST 19, 2024

France’s cyber defense agency teamed up with governments and security experts from across the globe to identify and mitigate a historic level of both physical and cyber threats following years of preparation, experts tell Information Security Media Group.

Information Security

Information Security Government Security

Gamification Can Make Security Training Fun

Data Breach Today

JULY 24, 2023

Webhelp CISO on Interactive Tools for Cybersecurity Awareness Training In a bid to revolutionize information security training and make it more engaging and memorable for employees, Ivan Milenkovic, group CISO at WebHelp, advises firms to adopt gamification and interactive content in corporate training to make it more accessible and memorable for employees. (..)

Security

Security Information Security Cybersecurity Access

FTC Orders 1Health.io to Improve DNA Data Privacy, Security

Data Breach Today

JUNE 16, 2023

Agency Alleges 1Health Deceived Consumers About How It Handled Sensitive Data A consumer genetic testing company must ensure the destruction of customer saliva samples and undergo third-party evaluation of its information security program for the next two decades under a proposed consent order with the U.S. Federal Trade Commission.

Data Privacy

Data Privacy Privacy Security Information Security

Why Security Leaders Need to Have a 'Broadness of Skills'

Data Breach Today

AUGUST 1, 2023

Security Analyst Paul Watts on How the CISO's Role Is Connected to the Business Security is about more than technology, said Paul Watts, a distinguished analyst at the Information Security Forum. Watts discussed how security leaders can achieve this goal.

Security

Security Information Security IT

Many Public Salesforce Sites are Leaking Private Data

Krebs on Security

APRIL 27, 2023

This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information. “My team is frustrated by the permissive nature of the platform,” Carbee said. Akiri said he notified the Washington D.C.

Access

Access Information Security Authentication Communications

Beyond Phishing: AI's New Tricks for Cyberattacks

Data Breach Today

SEPTEMBER 27, 2024

Paramount's Surinder Lall on AI Impersonation, Deepfakes, AI Governance Frameworks While AI transforms business operations, it helps cybercriminals develop sophisticated impersonation techniques such as deepfakes and voice synthesis, posing new challenges for corporate security, said Surinder Lall, senior vice president of global information security (..)

Phishing

Phishing Information Security Risk Government

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Krebs on Security

AUGUST 27, 2024

” Those third-party reports came in late June 2024 from Michael Horka , senior lead information security engineer at Black Lotus Labs , the security research arm of Lumen Technologies , which operates one of the global Internet’s largest backbones. victims and one non-U.S. ”

Communications

Communications Information Security Security Cybersecurity

Election Experts Still Demanding More Federal Cyber Support

Data Breach Today

SEPTEMBER 11, 2024

State Officials, Security Experts Warn of Increased Cyberthreats Ahead of Vote Election security experts told Information Security Media Group the United States continues to lack adequate federal funding and resources to support state and local election information technology security efforts amid heightened global tensions and an ever-expanding threat (..)

Information Security

Information Security Security

Experts Warn CISA’s Threat Sharing is in a 'Death Spiral'

Data Breach Today

OCTOBER 1, 2024

US Cyber Defense Agency’s Flagship Threat Sharing Initiative Facing Major Hurdles Experts told Information Security Media Group the Cybersecurity and Infrastructure Security Agency’s flagship threat sharing initiative faces major logistical hurdles and may need to be replaced with a more mature approach to automated threat analysis following a damning (..)

Information Security

Information Security Cybersecurity Security

Crypto Roundup: LastPass Breach Linked to $5.4M Crypto Theft

Data Breach Today

DECEMBER 19, 2024

Also, CoinLurker Malware Steals Data via Fake Updates Every week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, LastPass breach linked to $5.4M

Information Security

Information Security Cybersecurity Security

London Cybersecurity Summit: Building Cyber Resilience

Data Breach Today

SEPTEMBER 20, 2024

Security Leaders Explored Trends in Identity Threats, Post-Brexit Compliance and AI At the annual Cybersecurity Summit: London, Information Security Media Group recently brought together top cybersecurity professionals, executives and thought leaders to find solutions to the latest threats, identity-related weaknesses and emerging risks posed by AI (..)

Cybersecurity

Cybersecurity Compliance Information Security Risk

ISMG Editors: CrowdStrike Competitors Analyze Outage, Impact

Data Breach Today

AUGUST 30, 2024

Also: UN Convention Against Cybercrime Efforts; Serving SMBs' Cybersecurity Needs In the latest weekly update, Information Security Media Group editors discussed how CrowdStrike's competitors are responding to its outage, why security vendors want to serve the unique needs of SMB organizations and the status of U.N.

Information Security

Information Security Cybersecurity Security IT

Fake CISO Profiles on LinkedIn Target Fortune 500s

Krebs on Security

SEPTEMBER 30, 2022

Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. If you were confused at this point, you might ask Google who it thinks is the current Chief Information Security Officer of Chevron.

Information Security

Information Security Communications IT Cybersecurity

Transforming Knowledge Management With Generative AI

Data Breach Today

JULY 23, 2024

Aboitiz Data Innovation's Guy Sheppard on Tailoring AI to Banking Requirements Aboitiz Data Innovation faced a unique challenge: Design a wholesale architecture for a generative AI lab for a bank while ensuring accurate responses and maintaining strict information security protocols, said Guy Sheppard, chief commercial officer at Aboitiz Data Innovation. (..)

Information Security

Information Security Security

Black Hat/DEF CON 2024: Latest Insights on Security and AI

Data Breach Today

SEPTEMBER 13, 2024

ISMG Compendium Showcases More Than 50 Interviews on Threats, Emerging Solutions Welcome to Information Security Media Group's Black Hat and DEF CON 2024 Compendium featuring latest insights from the industry's top cybersecurity researchers and ethical hackers, as well as perspectives from CEOs, CISOs and government officials on the latest trends in (..)

Security

Security Cybersecurity Information Security Government

What Biden Dropping Out Could Mean for Federal Cyber Policy

Data Breach Today

JULY 23, 2024

US President's Withdrawal Comes at a Turbulent Time for Federal Cybersecurity President Joe Biden's withdrawal from the 2024 election is sparking new concerns about federal cybersecurity during an already turbulent moment for cybersecurity in the United States, experts told Information Security Media Group just days after the largest reported IT outage (..)

Cybersecurity

Cybersecurity Information Security Security IT

Feds Tackling Information Security in Government Procurement

On the Future of Cybersecurity in Hybrid Cloud Environments

Trending Sources

Cybersecurity Trends to Watch in 2024

Chinese Hacking Contractor iSoon Leaks Internal Documents

First American Financial's SEC Breach Settlement: $488,000

Canada East Summit: From Ransomware to Growing CISO Liability

Inside CISA's Unprecedented Election Security Mission

ISMG Editors’ Panel: Challenges for New CISA Leader

ISMG Editors: Opening Day Overview of InfoSec Europe 2024

ISMG Editors: Our Pledge to You in a New Era of Journalism

Why HHS' Cybersecurity Goals Aren't Necessarily Voluntary

Key Federal Cyber Panel to Probe Chinese Telecoms Hacking

CISOs: Make Sure Your Team Members Fit Your Company Culture

Anonymous Reportedly Hacked Russian Energy Firm Rosneft

Denial-of-Service Attack Could Put Servers in Perpetual Loop

Sustaining Institutional Knowledge as ICT Landscapes Evolve

Large Language Models: Moving Past the Early Stage

Amazon CISO Amy Herzog on Embedding Security in Ring, Alexa

Twitter Security Allegations: Cybersecurity Experts Respond

China Denies Banning Government Use of Apple iPhones

Microsoft CISO, Deputy CISO Reassigned in Management Shakeup

ISMG Editors: What Did the Sam Altman-OpenAI Saga Teach Us?

Ohio Community College Data Theft Breach Affects Nearly 300K

London Cybersecurity Summit Spotlights AI and Ransomware

Northern Ireland's Police Service to Revamp Cybersecurity

ISMG Editors: Latest Updates on AI Tech, Regulations

Mapping the Unseen Vulnerabilities of Zombie APIs

More Mobile Devices, More Problems, Security Survey Finds

How the Paris Olympics Survived Unprecedented Cyberthreats

Gamification Can Make Security Training Fun

FTC Orders 1Health.io to Improve DNA Data Privacy, Security

Why Security Leaders Need to Have a 'Broadness of Skills'

Many Public Salesforce Sites are Leaking Private Data

Beyond Phishing: AI's New Tricks for Cyberattacks

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Election Experts Still Demanding More Federal Cyber Support

Experts Warn CISA’s Threat Sharing is in a 'Death Spiral'

Crypto Roundup: LastPass Breach Linked to $5.4M Crypto Theft

London Cybersecurity Summit: Building Cyber Resilience

ISMG Editors: CrowdStrike Competitors Analyze Outage, Impact

Fake CISO Profiles on LinkedIn Target Fortune 500s

Transforming Knowledge Management With Generative AI

Black Hat/DEF CON 2024: Latest Insights on Security and AI

What Biden Dropping Out Could Mean for Federal Cyber Policy

Stay Connected