You can’t effectively create a risk program if you don’t have a full picture of just how large the risks are for your organization. “You can’t secure what you can’t see” so to speak. Risks don’t necessarily arise from lack of technology – oftentimes they are hidden in faulty business practices. We are well beyond the days of IT and security being segmented off in their own little world away from the business.
Although small businesses may not have the financial resources of larger enterprises, they do possess a trove of business and customer information that can net attackers a tidy profit either via ransomware or sale on the dark web. Understanding today’s threats—and how to defend against them—has grown increasingly critical for small businesses. Here are a few of the most common attack vectors that they should be prepared to face.
Molson Coors Beverage Company, a multinational drink and brewing company headquartered in Chicago in the United States, has suffered a cyberattack that has halted its beer-making production.
The National Security Agency announced a new GenCyber Call for Proposals for 2022 GenCyber summer camps. The new Call for Proposals for GenCyber goes out to institutions interested in hosting a 2022 summer camp and to provide young students with the skills they need to better prepare for a career in the fast-changing field of cybersecurity.
Carnegie Mellon University is set to launch its seventh picoCTF, an online cybersecurity competition run by security and privacy experts in Carnegie Mellon University’s CyLab who hope to help generate interest in the field and build a pipeline of talent into the currently-starved workforce.
The recent attack on SolarWind's Orion product demonstrated how vital it is for Chief Information Security Officers (CISOs) and their teams manage supply chain risks and understand all the products in their environment and how they are being used. Here we talk to Michael Lines, CISO and Head of Security Product Management at Cleanshelf, about why the IT and information security community should be concerned after the SolarWinds hack.
Ransomware can be delivered via several mechanisms, the most popular of which is often phishing. However, a new category called “Human-Operated“ Ransomware is now being used to execute multi-level attacks against company networks. Here’s how it works:
Congresswoman Suzan DelBene (WA-01) introduced the Information Transparency and Personal Data Control Act, legislation that would create a national data privacy standard to protect personal information.
ZoomInfo announced the expansion of its privacy team with Bubba Nunnery as Senior Director of Privacy and Public Policy. The privacy team is tasked with delivering one of ZoomInfo’s core missions: providing transparency about how it collects its professional contact data and upholding consumers’ rights to privacy.
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory (CSA) to address recently disclosed vulnerabilities in Microsoft Exchange Server. The CSA is meant to highlight the cyber threat associated with active exploitation of vulnerabilities in Microsoft Exchange on-premises products.
RSS
