Everyone knows the OWASP Top 10 lists of application security and API risks. But what about #11 and beyond - aren't those key priorities, too? Matt Tesauro of Noname Security talks about "Beyond the Top 10" and relates it back to mitigating the Log4j zero-day vulnerability.
COVID-19 has been a game changer - not just in how government agencies deliver services, but in how fraudsters try sneaking illegal access to them. Ryan Schaller, senior CIAM developer specialist at Okta, discusses these new faces of fraud and what state and local governments can do to combat them.
Multiple layers of security is required for strong ransomware protection and recovery.
At Commvault, we provide a multi-layered security framework built on Identify, Protect, Monitor, Respond, and Recover.
Download this whitepaper to learn more about the end-to-end framework that consists of features...
Data management and protection software must share your mission with
proven technology, constant vigilance, updates, and guidance.
The cyber threat landscape, including ransomware, has transitioned to a case of when not if. To ensure you can recover your data and not pay the ransom, you need to trust that your...
Yes, you know they are coming. And yes, the fraudsters have raised their game. But that doesn't mean you can't stop socially engineered attacks before threat actors can pull off their scams. Mike Britton of Abnormal Security tells you how.
In this exclusive interview with Information Security Media Group, Mike...
The challenge of dealing with cybercrime is complex. Human factors and the human-computer interface are central components of cybersecurity. But because threat actors understand human behavior, they know how to manipulate it to achieve their goals—stealing money and valuable information from organizations...
The findings from a penetration test can help you identify risks and gaps in your security controls. Charles Gillman offers tips to maximize the value of your next pen test and, in the process, deliver better results.
One of the effective ways to tackle AML fraud is to leverage technologies such as behavioral biometrics and device biometrics, says Charles Subrt, director of the fraud and AML practice at Aite-Novarica Group.
The network detection and response market is "relatively unchallenged at this point by other markets," and detection is the most important use case, says Nat Smith of Gartner, who shares key findings from the company's report titled Emerging Trends: Top Use Cases for Network Detection and Response.
Healthcare organizations cannot adequately protect the safety and privacy of their patients and staff unless they have efficient, accurate systems to manage third-party identity risk.
By managing third-party risk at the identity level, healthcare organizations can make better-informed access decisions. Adopting a...
There is little doubt that business email compromise is a prevalent and
financially damaging threat. By exploiting the relationships that people have
established with their executives, coworkers, and partners, these attacks dupe
both traditional email security tools and the humans they target. Stopping...
There is little doubt that vendor email compromise is a rising, and
financially damaging threat. By exploiting the trust organizations place
in their vendors, these attacks dupe both humans and traditional email
security tools that rely on threat intelligence. Stopping VEC requires
implementing a solution that can...
As organizations pursue a new paradigm for protection against
advanced email threats, they should look for one that provides the
greatest efficiencies with their M365 architecture and existing EOP
and/or MDO investments. To do so, they should turn to a solution with
an API-based architecture that uses data science...
As the universe of sophisticated cyber threats, such as ransomware, continues to grow in volume and effectiveness, organisations in every industry are moving from a threat prevention strategy to a cyber resilience model for holistic cyber security.
Organisations acknowledge that while blocking threats is still a...