US corporate travel management firm Carlson Wagonlit Travel has suffered an intrusion, and it is believed the company paid a $4.5m ransom to get its data back.
Days after US President Donald Trump said he would ban TikTok from operating in the United States, Microsoft has announced it might purchase the popular short-form video app.
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) have identified a malware variant—referred to as TAIDOOR—used by the Chinese government.
The FBI says that an increasing number of victims are being directed to fraudulent websites via social media platforms and popular online search engines.
Twitter has released additional information on their investigation into the compromise that occurred on July 15, 2020. The attack, says the company, started with a spear phishing attack on a select group of employees that "relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to [Twitter's] internal systems."
Congratulations to John "JT" Mendoza, one of our 2019 Most Influential People in Security awardees, who is retiring from federal government service after 22 years. He will be joining CGI as Director of Global Security, primarily responsible for establishing a global insider risk management program.
The National Science Foundation has awarded Georgia State’s Evidence-Based Cybersecurity Research Group (EBCS) nearly $300,000 for a pilot program to teach students advanced cybersecurity research skills and match them with CISOs, with whom they will test tools to improve organizations’ security.
When I speak with candidates who are either leaving government roles or actively looking for a new role, I am often asked what programs or courses related to cybersecurity they could take to improve their marketability.
Sun Tzu famously said, “all warfare is based on deception.” He could hardly have anticipated how his words would ultimately be substantiated—particularly in the tactics of today’s cybercriminals.
In recent years, Enterprise Risk Management has become increasingly focused on cybersecurity risks. While this focus on cyber is understandable, the current COVID crisis has demonstrated that the unpredictable nature of cascading risks requires viewing risk through a much wider risk aperture. One way forward to successfully navigate this new risk frontier is the establishment of a Risk Operations Center (ROC). The ROC enables enterprise and technology leaders to have the continuous monitoring they require to proactively mitigate all cyber issues. Additionally, it fully supports the CISO/cybersecurity leader's principal responsibilities identified by the HBR survey.