Four different states (Washington, Virginia, Oklahoma and Minnesota) are on track to enact new data privacy laws in 2021, but are businesses ready to comply with state-by-state regulations? This patchwork of legislation could leave companies confused and vulnerable to legal action if they are unprepared.
The Cybersecurity and Infrastructure Security Agency (CISA), the nation’s first federal cybersecurity agency, is kicking off a series of virtual hiring events in 2021 for job seekers, while aiming to further increase the representation among women, minorities, and persons with disabilities in order to more fully realize the goal of using the talents of all segments of society.
A record number of critical and high severity vulnerabilities were logged to the National Institute of Standards and Technology (NIST) and its National Vulnerability Database (NVD) in 2020. THE NVD is a repository of Common Vulnerabilities and Exposures (CVEs) reported by security professionals, researchers and vendors. It is used by security teams around the world to stay up to date with security vulnerabilities as they are discovered. In January 2021, Redscan performed an analysis of the NVD to examine security and vulnerability trends. Their report focuses on vulnerabilities discovered in 2020, but also highlights wider CVE trends that have emerged since 1989.
As organizations look to strengthen their enterprise data security and privacy programs, they must consider the new risks that remote work has uncovered. More specifically, how legacy business applications and ERP systems may be exposing organizations to new levels of risk because these applications were not designed for user access from unmanaged networks and devices.
Healthcare Delivery Organizations (HDOs) are arguably the most pressured organizations in 2020, not only needing to treat the many patients infected by coronavirus, but also defend themselves against a growing number of cyberattacks targeted at their industry. Here are five cybersecurity challenges researchers found facing Healthcare Delivery Organizations today:
In response to recent events where unidentified cyber actors obtained unauthorized access to the supervisory control and data acquisition (SCADA) system at a U.S. drinking water treatment facility, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation, the Environmental Protection Agency (EPA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released joint Cybersecurity Advisory AA21-042A: Compromise of U.S. Water Treatment Facility. This advisory outlines how cybercriminals exploit desktop sharing software and end-of-life operating systems to gain unauthorized access to systems.
After auditing the security of Helpdesk Software solution Deskpro in accordance with the company's Responsible Disclosure Bug Bounty Program, the Checkmarx Security Research Team discovered a severe cross-site scripting (XSS) issue that can be exploited multiple ways.
New research from Tessian finds that almost one-third of people have fallen victim to a cyber romance scam, posing a new warning: don’t get cat-phished this Valentine’s Day.
In today’s world, business process automation solutions are considered the fastest-growing segment on the global enterprise software market. However, both business owners and frequent users alike often express their doubts about the capability of automation tools to operate at the proper level required by enterprise data security, especially with many employees working from home due to the pandemic.
Security ratings or cybersecurity ratings are a data-driven, objective, and dynamic measurement of an organization's security posture and cybersecurity performance. To learn more about the benefits of security ratings, we speak to Christos Kalantzis, Chief Technology Officer at SecurityScorecard.