Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.
The Trump administration is directing U.S. federal executive branch agencies to remove anti-virus software from Russian-owned Kaspersky Lab from their computers within 90 days. Kaspersky denies "inappropriate" ties to Russian government.
Vendors that provide the U.S. government with internet-connected devices would need to ensure they can be patched, don't include hard-coded passwords that can't be changed and are free of known security vulnerabilities, according to a new, bipartisan Senate bill.
In the wake of recent ransomware attacks, such as WannaCry, what lessons do we have yet to learn? Ransomware attacks are nothing new, and while WannaCry was widespread, it was not sophisticated or stealthy, necessarily. So why did it have such an impact?
In this session, our panelists will discuss why the "wartime...
John Kelly, in his first speech as the U.S. homeland security secretary, says the American government can't combat the cyberthreat without the active collaboration of the private sector. "The government, God knows, can't do it by itself," Kelly says.
Nearly every major breach over the last three years - including Anthem, Target, Home Depot, Office of Personnel Management, the Internal Revenue Service, the National Security Agency - shared a crucial commonality: attackers gained entry using compromised or stolen credentials.
This range of identity-centric...
The Obama administration has implemented a number of cybersecurity and privacy initiatives and policies aimed at making IT more secure for the federal government and the private sector, including the cybersecurity framework, National Strategy for Trusted Identities in Cyberspace, employing encryption and sharing cyber...
The 30-day Cybersecurity Sprint overseen by Federal CIO Tony Scott has crossed the finish line, but in reality, it looks more like a starting gate to a marathon to get the federal government to secure its battered IT.
Attackers could abuse flaws in Android's Stagefright media library to seize control of almost 950 million devices, just by sending a text, a security researcher warns. But will most devices ever see related fixes?
EdgeWave's Mike Walls, a former bomber pilot who led Navy red teams, says penetration testing is useful in analyzing bits and bytes but not the readiness of operations under attack from cyberspace. Red teams, he says, can analyze the impact on operations.
The Gartner Security and Risk Management Summit tackles digital business, a concept that blurs the physical and digital worlds, and requires organizations to reconsider how they approach IT security and risk management.
At a time of sweeping change in cybersecurity, attorney Stephen Wu says organizations need to be prepared from a compliance, incident response and risk management perspective to address novel situations stretching society's capabilities.
In conducting due diligence, investors spend more time than ever assessing the cyber-risk posed by the company targeted for acquisition, says Jacob Olcott, VP for business development at Bitsight Technologies.