Compliance regulators don’t take days off – not even in a pandemic. Faced with steep penalties for non-compliance and potential reputational damage, organizations are being forced to rethink their compliance strategies to account for new and emerging risks. For digital businesses today, the best place to start is by assessing how systems should be good enough, understand how data integrity is currently being managed, identifying any compliance hazards or gaps, and considering how automation can help address them.
On August’s Patch Tuesday, Microsoft closed several vulnerabilities, among them CVE-2020-1472, known as Zerologon. Secura's security expert Tom Tervoort discovered the vulnerabilty and recently explained in a blog why the vulnerability is so dangerous.
Siemens USA announced the launch of its technologically advanced cyber test range housed at its U.S. R&D headquarters in Princeton, New Jersey. The COVID-19 pandemic and the related increase in cyberattacks has highlighted the need for facilities such as this to focus on prevention, detection, and response solutions.
U.S. federal agencies revealed criminal charges against five computer hackers, all of whom were residents and nationals of the People’s Republic of China (PRC). All were charged of computer intrusions affecting over 100 victim companies in the United States and abroad, including software development companies, computer hardware manufacturers, telecommunications providers, social media companies, video game companies, non-profit organizations, universities, think tanks, and foreign governments, as well as pro-democracy politicians and activists in Hong Kong.
The Department of Justice’s Office of Community Oriented Policing Services (COPS Office) announced nearly $50 million in school safety funding through its School Violence Prevention Program (SVPP). SVPP provides up to 75% funding for school safety measures in and around primary and secondary schools and school grounds.
The 11th iteration of the Building Security In Maturity Model reflects how organizations are adapting their software security efforts to support modern software development paradigms
September 17, 2020
Synopsys, Inc. published BSIMM11, the latest version of the Building Security In Maturity Model (BSIMM), created to help organizations plan, execute, measure, and improve their software security initiatives (SSIs). BSIMM11 reflects the software security practices observed across 130 firms from multiple industry verticals including financial services, FinTech, independent software vendors, cloud, health care, Internet of Things, insurance, and retail.
The Data Governance Trends Report, by Egnyte, highlights how the COVID-19 pandemic has forced CIOs to reimagine data governance plans in the context of remote-first (and remote-only) working conditions. It reveals new and emerging security threats associated with the work-from-everywhere paradigm, and digs into the strategies companies have adopted (and plan to adopt) to keep up.
The need for cybersecurity in the financial services industry has never been greater. Financial Institutions (FIs) have been and will continue to be the subject of cyberattacks by adversaries of all varieties. The old adage “why do you rob banks....because that’s where the money is” holds in this domain as well. In 2019, 86 percent of breaches were financially motivated, and the records exposed in all breaches increased by 284 percent. And if that’s not enough for FIs to worry about, consider that the average cost of a breach as disclosed by public firms in 2019 was $116 million. Given the magnitude of this issue, these are the top trends seen in cybersecurity this year.
vpnMentor’s research team recently received a report from an anonymous ethical hacker about a massive data leak exposing users of over 70 adult dating and e-commerce websites from around the world.
The U.S. Department of Veterans Affairs (VA) Office of Management announced a data breach involving the personal information of approximately 46,000 Veterans.