Security News
You will also receive a complimentary subscription to TechRepublic's News and Special Offers newsletter and the Top Story of the Day newsletter. You may unsubscribe from these newsletters at any time.
Despite massive spend to protect enterprise digital assets, security breaches are still on the rise. The disconnect between the level of investment and the volume and impact of attacks is largely attributed to outdated approaches that favor perimeter protection and point solutions despite a digital supply chain that is more distributed than ever.
In this Help Net Security video, Joe Leonard, CTO at GuidePoint Security, illustrates how the role of the CIO is changing as cybersecurity priorities and responsibilities are creeping into the job description. Globally, CIOs find it most difficult to solve challenges related to data privacy/security and cybersecurity/ransomware, according to a global research study from Lenovo.
82% of Global CIOs say the CIO role has become more challenging compared with just two years ago as they are confronting a vast array of unique challenges, from the increasing use of AI and automation to talent acquisition in a global, remote workforce. Globally, CIOs find it most difficult to solve challenges related to data privacy/security, cybersecurity/ransomware, keeping up with technological change, managing fragmented IT vendor ecosystems and adopting/deploying new technology.
A man suspected of providing the IT infrastructure behind the Gozi banking trojan has been extradited to the US to face a string of computer fraud charges. According to court documents [PDF], Paunescu allegedly ran a "Bulletproof hosting" service using computers in Romania, America, and other locations to help cybercriminals distribute Gozi and other malware including the Zeus Trojan and SpyEye Trojan.
A former Maryland Cabinet-level official and a former IT executive have pleaded guilty to involvement in a bribery and extortion scheme related to technology contracts about a decade ago. According to the US Attorney's Office of the State of Maryland, Isabel FitzGerald, 52, of Annapolis, Maryland, and Kenneth Coffland, 67, of Riva, Maryland, pleaded guilty last week to charges of bribery and extortion, respectively.
The shift to cloud native development, along with the increased speed in development brought about by the adoption of DevOps processes, has made the challenges connected with securing software supply chains infinitely more complex. Adversaries, motivated by the success of high-profile software supply chain attacks on companies like SolarWinds and Kaseya, are stepping up attacks against software build and distribution environments.
Majority of CIOs say their software supply chains are vulnerable, execs demand action. A new survey of 1,000 CIOs conducted by Venafi shows that over 80% said their organizations are vulnerable to cyberattacks targeting software supply chains.
Network engineers and CIOs agree that cybersecurity issues represent the biggest risk for organizations that fail to put networks at the heart of digital transformation plans. According to a research commissioned by Opengear, 53% of network engineers and 52% of CIOs polled in the U.S., U.K., France, Germany, and Australia rank cybersecurity among the list of their biggest risks.
Ask 1,000 CIOs whether they believe their organizations are vulnerable to cyberattacks targeting their software supply chains and about 82 percent can be expected to say yes. "The results show that while CIOs understand the risk of these types of attacks, they have yet to grasp the fundamental organizational changes and new security controls they will need to incorporate into their security posture to reduce the risk of supply chain attacks that can be devastating to themselves and their customers," says Venafi's report, which was released on Tuesday.