Employees and non-employee contractors continue representing the most critical weak link in the IT chain. Too many employees, and vendors using corporate networks, are still falling for phishing attacks. Enhanced worker training on cyber risks helps, but training coupled with stronger systems offers the best protection against cyber threats.

Ed Skoudis, a cybersecurity leader and educator, has been named the new President of the SANS Technology Institute, according to a statement. Ed will lead the institute's degree programs and Internet Storm Center.

When it comes to cyber incident management of third-party risks, enterprise security professionals can follow a simplified task list to cover their bases by answering the questions "who, what, where, when, why and how."

The new bill, the DHS Software Supply Chain Risk Management Act of 2021 (H.R. 4611), will secure the supply chains involved in Department of Homeland Security software contracts by requiring a new certification.

Shirin Hamid, an experienced cybersecurity and IT professional, is expected to begin as the CIO and Director of the IT Department at the International Monetary Fund (IMF) in January 2022.

Malware authors often take advantage of vulnerabilities in popular software. But, malware is also prone to bugs and coding errors, causing it to crash and serve as backdoors — any method by which authorized and unauthorized users can get around normal security measures and gain high-level user access — for white hat hackers. 

How often, when sending messages via a communication platform, are you thinking about your sensitive and private user information being exploited?

The second Voice of SecOps report from Deep Instinct revealed that the average time elapsed before a company responded to a cyberattack was 20.9 hours globally. The report surveyed 1,500 cybersecurity professionals about their top cyber concerns.

Calendly announced the appointment of Frank Russo as its first chief information security officer. Russo will oversee application security, infrastructure security, corporate security, privacy and compliance to protect customers, partners, employees, systems and assets.

A new Report, “Ransomware in Focus,” based on a survey of more than 250 Chief Information Security Officers (CISOs), cited ransomware as the #1 threat facing businesses and one of the primary CISO concerns for the next 12 months, with many believing an attack is inevitable.