Security and Strategy - Information Management Today

Increased GDPR Enforcement Highlights the Need for Data Security

Security Affairs

NOVEMBER 18, 2024

GDPR protects sensitive data like health and financial details, and its enforcement underscores the growing need for stronger data security measures. These penalties apply to all aspects of GDPR compliance, including inadequate data security, improper consent, and data breach failures.

GDPR

GDPR Security Compliance Data Privacy

Italy announced its National Cybersecurity Strategy 2022/26

Security Affairs

MAY 26, 2022

Italy announced its National Cybersecurity Strategy for 2022/26, a crucial document to address cyber threats and increase the resilience of the country. The strategy is aligned with the commitments undertaken within international organizations of which Italy is a member party. A secure country is a more competitive country.

Cybersecurity

Cybersecurity IT Risk Government

Strategies for Securing Your Supply Chain

IT Governance

OCTOBER 23, 2024

What to do when your ‘supply chain’ is really a ‘supply loop’ When I asked Bridget Kenyon – CISO (chief information security officer) for SSCL, lead editor for ISO 27001:2022 and author of ISO 27001 Controls – what she’d like to cover in an interview, she suggested supply chain security. How can you secure a ‘supply loop’?

Security

Security Information Security Risk Access

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

From Risk Assessment to Action: Improving Your DLP Response

Security Affairs

OCTOBER 25, 2024

DLP is key in cybersecurity; a risk assessment identifies data risks, helping turn findings into real-world security improvements. Data loss prevention (DLP) is a cornerstone of any effective cybersecurity strategy. Protecting sensitive data is what cybersecurity is all about. So, how can you conduct a DLP risk assessment?

Risk

Risk Cybersecurity Cloud Compliance

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Bales, Esq.

Security

Medusa ransomware uses malicious Windows driver ABYSSWORKER to disable security tools

Security Affairs

MARCH 24, 2025

Medusa ransomware uses a malicious Windows driver ABYSSWORKER to disable security tools, making detection and mitigation more difficult. Elastic Security Labs tracked a financially driven MEDUSA ransomware campaign using a HEARTCRYPT-packed loader and a revoked certificate-signed driver, ABYSSWORKER, to disable EDR tools.

Ransomware

Ransomware Security IT Access

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Raising security baselines across industries is essential, with risk mitigationnot acceptancebecoming the standard. Salzman Shirley Slazman , CEO, SeeMetrics In 2025, organizations will recognize that adding more tools doesnt equate to better security. Attackers arent hacking in theyre logging in.

Security

Security Phishing IoT Risk

White House Unveils Biden's National Cybersecurity Strategy

Data Breach Today

MARCH 2, 2023

Focus Includes Critical Infrastructure Security, Secure Software Development The Biden administration has unveiled its new national cybersecurity strategy, detailing top challenges facing the U.S. and plans for addressing them.

Cybersecurity

Cybersecurity Security IT

Australia Unveils AU$587M Strategy to Defeat Cybercrime

Data Breach Today

NOVEMBER 22, 2023

Australia Envisions Cybersecurity Leadership in the Pacific With New Strategy The Australian government says it will mandate ransomware reporting by businesses, boost law enforcement capacity and fund startups with innovative cybersecurity solutions under a strategy unveiled Monday. "We

Cybersecurity

Cybersecurity Ransomware Government Security

Your Team's Pragmatic Guide to Security

Speaker: Naresh Soni, CTO, Tsunami XR

The pandemic has led to new data vulnerabilities, and therefore new cyber security threats. As technology leaders, it's time to rethink some of your product security strategy. Whether you need to rework your security architecture, improve performance, and/or deal with new threats, this webinar has you covered.

Security

API Security Trends: Collaborative Strategies for Leaders

Data Breach Today

JANUARY 2, 2024

Forrester's Sandy Carielli Shares Highlights From API Security Report Forrester analyst Sandy Carielli highlights key API security aspects in Forrester's report titled The Eight Components of API Security," which covers governance, discovery, testing, authentication and protection from API breaches as many organizations are grappling with the maturity (..)

Security

Security Authentication Government

Biden Administration Issues Cyber Strategy for Health Sector

Data Breach Today

DECEMBER 6, 2023

HHS Is Proposing New Cyber Regs for Hospitals and a HIPAA Security Rule Update The U.S.

Cybersecurity

Cybersecurity Security IT

New Linux variant of BIFROSE RAT uses deceptive domain strategies

Security Affairs

MARCH 3, 2024

By leveraging this deceptive domain, the threat actors behind Bifrost aim to bypass security measures, evade detection, and ultimately compromise targeted systems.” With new variants that employ deceptive domain strategies like typosquatting, a recent spike in Bifrost activity highlights the dangerous nature of this malware.”

Encryption

Encryption Cybersecurity IT Access

DORA Compliance Strategy for Business Leaders

Security Affairs

JUNE 14, 2024

This regulation from the European Union (EU) is intended to both strengthen IT security and enhance the digital resilience of the European financial market. They must also strengthen cybersecurity measures, including encryption, firewalls, and regular security audits, and have incident response plans in place.

Compliance

Compliance Insurance Risk Cloud

The Unexpected Cost of Data Copies

Unfortunately, data replication, transformation, and movement can result in longer time to insight, reduced efficiency, elevated costs, and increased security and compliance risk. What to consider when implementing a "no-copy" data strategy. How Dremio delivers clear business advantages in productivity, security, and performance.

Security

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

The security breach poses a major national security risk. The WSJ states that the compromise remained undisclosed due to possible impact on national security. requests for communications data, according to people familiar with the matter, which amounts to a major national security risk.” reported the WSJ. “For

Government

Government Communications Access Risk

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Security Affairs

DECEMBER 4, 2024

The government agencies released a guide that advises telecom and critical infrastructure defenders on best practices to strengthen network security against PRC-linked and other cyber threats. Enhancing secure logging, isolating device management, and enforcing strict access control lists (ACLs) are key strategies.

Government

Government Communications Access Passwords

A large botnet targets M365 accounts with password spraying attacks

Security Affairs

FEBRUARY 24, 2025

Despite Microsoft phasing it out, it remains an active security risk. The botnet operators used stolen credentials from infostealer logs to target accounts at scale “These attacks are recorded in Non-Interactive Sign-In logs, which are often overlooked by security teams. ” continues the report.

Passwords

Passwords Authentication Access Cybersecurity

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Security Affairs

OCTOBER 23, 2024

The US Securities and Exchange Commission (SEC) charged four companies, Unisys, Avaya, Check Point, and Mimecast for misleading public disclosures related to the supply chain attack on SolarWinds. Downplaying the extent of a material cybersecurity breach is a bad strategy,” said Jorge G.

Cybersecurity

Cybersecurity Risk Access Government

Make Payment Optimization a Part of Your Core Payment Strategy

Everything you need to know about payment optimization – an easy-to-integrate, PCI-compliant solution that enables companies to take control of their PSPs, minimize processing costs, maximize approval rates, and keep control over their payments data.

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 11

Security Affairs

SEPTEMBER 15, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Security

Security Military Ransomware Marketing

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

Security Affairs

OCTOBER 28, 2024

A long supply chain adds third-party risks, as each partner’s security affects your own, making identity and access management more challenging. Each company brings its own security (or lack thereof) into the game, so your overall security status is essentially the average of yours, plus anyone else’s to whom you’re connected (i.e.,

B2B

B2B Cybersecurity Risk Access

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Security Affairs

FEBRUARY 24, 2025

TopSec is also a Tier 1 vulnerability supplier for China’s intelligence ministry and has provided cloud and IT security monitoring services nationwide since 2004. The data leak includes infrastructure details and work logs from employees of a state-affiliated private sector security firm in China.

Cybersecurity

Cybersecurity Government Cloud Security

Companies Are Playing Catch-Up to Secure Generative AI

Data Breach Today

JULY 24, 2024

Netskope Says Firms Are Using Blocking Controls, DLP But Still Face Security Gaps It's been nearly 18 months since ChatGPT paved the way for rapid generative AI adoption, but enterprises are just beginning to implement basic cybersecurity strategies and use blocking controls, DLP tools and live coaching to mitigate gen AI risks, according to security (..)

Security

Security Cybersecurity Risk IT

Zero Trust Mandate: The Realities, Requirements and Roadmap

You’ll hear where peer organizations are currently with their Zero Trust initiatives, how they are securing funding, and the realities of the timelines imposed. Join us and learn how to better advise your agency clients on strategy, architect Zero Trust solutions, and win more cybersecurity business!

Cybersecurity

The Impact of Remote Work and Cloud Migrations on Security Perimeters

Security Affairs

MAY 27, 2024

Cloud Security Challenges However, adopting cloud computing significantly expanded the attack surface for businesses, effectively dissolving the traditional network perimeter. This shift introduced new vulnerabilities, and conventional security measures designed to protect a well-defined, centralized perimeter were no longer enough.

Cloud

Cloud Security Compliance B2B

Security Affairs newsletter Round 367 by Pierluigi Paganini

Security Affairs

MAY 29, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. To nominate, please visit:?. Pierluigi Paganini.

Security

Security Cybersecurity Ransomware Government

On Point: Offensive Security for Mobile Network Operators

Data Breach Today

JANUARY 22, 2024

Build Resiliency by Simulating Real-World Attacks and Gaining Insight Into Threats As cyberthreats evolve, mobile network operators need offensive security to maintain resilience. Traditional security, such as firewalls and encryption, is not sufficient on its own.

Security

Security Encryption IT

The state of secure information management: Strategies for securing access and protecting sensitive data

OpenText Information Management

NOVEMBER 27, 2024

But before then, we’ll be sharing proprietary research from the upcoming State of Secure Information Management where we explore strategies to enable secure access and protect sensitive data. Cost considerations are important, with organizations seeking to understand the ROI of AI implementation in security.

Access

Access Security Data Privacy Compliance

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

This session will cover key strategies for balancing AI’s power with the responsibilities of data stewardship. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations.

Data Privacy

Hackers infiltrated Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) for months

Security Affairs

AUGUST 29, 2023

Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) has been infiltrated for months. Threat actors have infiltrated Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) for as much as nine months. The intrusion began in the autumn of 2022 and was discovered in June.

Cybersecurity

Cybersecurity Military Personal data Government

Unmasking 2024’s Email Security Landscape

Security Affairs

FEBRUARY 28, 2024

Analyzing the Email Security Landscape and exploring Emerging Threats and Trends. VIPRE Security Group’s latest report, “Email Security in 2024: An Expert Insight into Email Threats,” delves into the cutting-edge tactics and technologies embraced by cybercriminals this year. million as malicious.

Security

Security Phishing Communications Financial Services

Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

SEPTEMBER 14, 2024

Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Data breaches Computer and Electronics Ransomware

OnDemand | Securing the Core: Cutting-Edge Techniques for SaaS & Web Application Safety

Data Breach Today

DECEMBER 11, 2023

This comprehensive session will provide an in-depth exploration of cutting-edge strategies and technologies essential for securing SaaS and web applications and

Security

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Today’s technology leaders play a more strategic role in establishing cybersecurity strategy for their organizations. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?” Register today! November 14th, 2023 at 9:30am PST, 12:30pm EST, 5:30pm GMT

Cybersecurity

Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JUNE 16, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Data breaches Security Ransomware Sales

Trellix's Dual AI Strategy: Combating and Using AI in Cyber

Data Breach Today

JULY 30, 2024

He discusses how Trellix Wise streamlines SOC processes and the company's focus on ransomware detection and data security.

Ransomware

Ransomware Security

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Security and Exchange Commission (SEC) recently laid down the hammer charging and fining four prominent cybersecurity vendors for making misleading claims in connection with the SolarWinds hack. A security incident is often an indication of poor investment in security programs, rather than personal characeteriziation of the security leader.

Cybersecurity

Cybersecurity Risk Government Compliance

Resilience: The New Priority for Your Security Model

Data Breach Today

JANUARY 25, 2024

Security leaders focus on protection and detection, but the new priority is resilience. A resilience strategy should "get the real 'ground truth' of what has happened" in the attack, said Brian Dye, CEO of Corelight, in this episode of "Cybersecurity Insights."

Security

Security Cybersecurity

Launching LLM-Based Products: From Concept to Cash in 90 Days

Speaker: Christophe Louvion, Chief Product & Technology Officer of NRC Health and Tony Karrer, CTO at Aggregage

Stakeholder Engagement 👥 Learn strategies to secure buy-in from sales, marketing, and executives. Guardrails & Bias Mitigation 🚨 Implement robust strategies to protect against hallucinations and biases in LLM outputs, ensuring fairness, reliability, and user trust.

Sales

Microsoft released red teaming tool PyRIT for Generative AI

Security Affairs

FEBRUARY 23, 2024

The tool implements five interfaces: target, datasets, scoring engine, attack strategies and memory. The tool supports two attack strategy styles, the single-turn strategy and the multi-turn strategy. This automation continues until the security professional’s intended goal is achieved.”

Artificial Intelligence

Artificial Intelligence Risk Access Security

Security Affairs newsletter Round 466 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 7, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Data breaches Security Ransomware Cybersecurity

Security Affairs newsletter Round 446 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 19, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Data breaches Ransomware Financial Services

Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MAY 12, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Data breaches Security Military Ransomware

How to Package and Price Embedded Analytics

Just by embedding analytics, application owners can charge 24% more for their product. How much value could you add? This framework explains how application enhancements can extend your product offerings. Brought to you by Logi Analytics.

Analytics

Increased GDPR Enforcement Highlights the Need for Data Security

Italy announced its National Cybersecurity Strategy 2022/26

Webinars

Trending Sources

Strategies for Securing Your Supply Chain

Webinars

From Risk Assessment to Action: Improving Your DLP Response

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Medusa ransomware uses malicious Windows driver ABYSSWORKER to disable security tools

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

White House Unveils Biden's National Cybersecurity Strategy

Australia Unveils AU$587M Strategy to Defeat Cybercrime

Your Team's Pragmatic Guide to Security

API Security Trends: Collaborative Strategies for Leaders

Biden Administration Issues Cyber Strategy for Health Sector

New Linux variant of BIFROSE RAT uses deceptive domain strategies

DORA Compliance Strategy for Business Leaders

The Unexpected Cost of Data Copies

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

A large botnet targets M365 accounts with password spraying attacks

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Make Payment Optimization a Part of Your Core Payment Strategy

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 11

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Companies Are Playing Catch-Up to Secure Generative AI

Zero Trust Mandate: The Realities, Requirements and Roadmap

The Impact of Remote Work and Cloud Migrations on Security Perimeters

Security Affairs newsletter Round 367 by Pierluigi Paganini

On Point: Offensive Security for Mobile Network Operators

The state of secure information management: Strategies for securing access and protecting sensitive data

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Hackers infiltrated Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) for months

Unmasking 2024’s Email Security Landscape

Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION

OnDemand | Securing the Core: Cutting-Edge Techniques for SaaS & Web Application Safety

Software Composition Analysis: The New Armor for Your Cybersecurity

Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION

Trellix's Dual AI Strategy: Combating and Using AI in Cyber

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Resilience: The New Priority for Your Security Model

Launching LLM-Based Products: From Concept to Cash in 90 Days

Microsoft released red teaming tool PyRIT for Generative AI

Security Affairs newsletter Round 466 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 446 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION

How to Package and Price Embedded Analytics

Stay Connected