NIST publishes guidance for administrators, information security officers, and auditors on how to automatically secure and assess the security of macOS desktop and laptop systems. [Read More]
The FTC orders Residual Pumpkin and PlanetArt to implement MFA, encrypt Social Security numbers, collect less data, and have their information security programs assessed by a third-party. [Read More]
CrowdStrike researchers find evidence of ransomware actors deploying zero-day exploits against Mitel VOIP appliances sitting on the network perimeter. [Read More]
Cybersecurity authorities in the US, UK, and New Zealand share recommended actions on how to configure and monitor PowerShell to eliminate security risks. [Read More]
US President Joe Biden has signed two cybersecurity bills into law: Federal Rotational Cyber Workforce Program Act of 2021, and the State and Local Government Cybersecurity Act of 2021. [Read More]
Cryptographers at Swiss university ETH Zurich have found at least five exploitable security flaws in the privacy-themed MEGA cloud storage service [Read More]
The Defense Readiness Index is a reliable alternative for assessing a security team’s skill level, developing a roadmap for improving cyber competencies, and reaching the optimal level of cyber security readiness.
As automation continues to evolve, a new approach to accelerate detection and response is emerging based on data and business logic to automatically trigger simple actions that can be standalone or be chained together.
In addition to helping security teams recruit and retain the talent they need, employee wellness brings other benefits. Here are five ways in which wellness is good for security:
With the labor market for cybersecurity pros being extremely tight, the old ways of recruiting are rife with weaknesses and biases, while the urgency to recruit people is intense.
It’s time to step back and look at the role of the IT industry in developing, deploying, maintaining, growing and eventually, sustainably retiring technology and solutions.
Organizations need to look beyond preventive measures when it comes to dealing with today’s ransomware threats and invest in ransomware response, which improves their ability to prepare and quickly recover endpoints from ransomware attacks.
As threat actors continue to evolve their TTPs to take advantage of crises and outbreaks, the intelligence sources and information sharing mechanisms available to help will become even more important.