US Investigations Services (USIS), a Department of Homeland Security (DHS) contractor that conducts background checks for the agency, has been the target of a cyberattack that appears to have been launched by a state-sponsored entity.
Many software development firms still fail to ensure that the components they use don't contain security vulnerabilities, according to a report published by software supply chain management company Sonatype.
To protect sensitive data from prying eyes, some organizations are turning to Bring-Your-Own-Encryption (BYOE), but experts warn that there are some aspects that need to be take into consideration before making the move.
A Senate committee approved the Cybersecurity Information Sharing Act, which aims to help companies and government share information about cyber-attacks and other threats. Privacy groups opposed the bill because it could potentially give the government access to huge trove of personal data about Americans.
With risks to national and economic security increasing, other avenues of cyber defense are receiving attention. Improving resilience and the promising application of predictive analysis to the prevention of cyberattacks before they occur are two such areas
it’s hard to build continuity under inconsistent leadership. It’s also really hard to beat the hackers when the person responsible for keeping them at bay has less job security than an NFL coach with a losing record.
A risk-driven approach addresses both security posture and business impact to increase operational efficiency, improve assessment accuracy, reduce attack surfaces, and improve investment decision-making.