Security News

82% of Global CIOs say the CIO role has become more challenging compared with just two years ago as they are confronting a vast array of unique challenges, from the increasing use of AI and automation to talent acquisition in a global, remote workforce. Globally, CIOs find it most difficult to solve challenges related to data privacy/security, cybersecurity/ransomware, keeping up with technological change, managing fragmented IT vendor ecosystems and adopting/deploying new technology.

A man suspected of providing the IT infrastructure behind the Gozi banking trojan has been extradited to the US to face a string of computer fraud charges. According to court documents [PDF], Paunescu allegedly ran a "Bulletproof hosting" service using computers in Romania, America, and other locations to help cybercriminals distribute Gozi and other malware including the Zeus Trojan and SpyEye Trojan.

A former Maryland Cabinet-level official and a former IT executive have pleaded guilty to involvement in a bribery and extortion scheme related to technology contracts about a decade ago. According to the US Attorney's Office of the State of Maryland, Isabel FitzGerald, 52, of Annapolis, Maryland, and Kenneth Coffland, 67, of Riva, Maryland, pleaded guilty last week to charges of bribery and extortion, respectively.

The shift to cloud native development, along with the increased speed in development brought about by the adoption of DevOps processes, has made the challenges connected with securing software supply chains infinitely more complex. Adversaries, motivated by the success of high-profile software supply chain attacks on companies like SolarWinds and Kaseya, are stepping up attacks against software build and distribution environments.

Majority of CIOs say their software supply chains are vulnerable, execs demand action. A new survey of 1,000 CIOs conducted by Venafi shows that over 80% said their organizations are vulnerable to cyberattacks targeting software supply chains.

Network engineers and CIOs agree that cybersecurity issues represent the biggest risk for organizations that fail to put networks at the heart of digital transformation plans. According to a research commissioned by Opengear, 53% of network engineers and 52% of CIOs polled in the U.S., U.K., France, Germany, and Australia rank cybersecurity among the list of their biggest risks.

Ask 1,000 CIOs whether they believe their organizations are vulnerable to cyberattacks targeting their software supply chains and about 82 percent can be expected to say yes. "The results show that while CIOs understand the risk of these types of attacks, they have yet to grasp the fundamental organizational changes and new security controls they will need to incorporate into their security posture to reduce the risk of supply chain attacks that can be devastating to themselves and their customers," says Venafi's report, which was released on Tuesday.

Nearly all CIOs surveyed believe their roles have evolved and expanded in the past few years, and that they are being asked to make business decisions that go far beyond technology. 9-in-10 CIOs say that their roles and responsibilities have expanded beyond technology, including non-traditional areas such as data analytics and business reporting, sustainability/ESG, DE&I, HR/talent acquisition, and sales/marketing.

Runecast moves organizations ahead of these challenges with automated discovery and single-platform visibility of issues for IT Security and Operations teams. Runecast began as an answer to a problem that many IT teams were having, including its founders: after hours or even days of searching for root causes to problems, 90% of the issues discovered within their environments had been already documented - and could have been avoided with the assistance of automation.

A colleague asked me recently if I thought the FBI had finally experienced enough of the cyberattacks plaguing the United States and would now more aggressively pursue the attackers. Combating cybercrime is exponentially more difficult than combating traditional criminal activities, as technologies and techniques make it very easy for cybercriminals to hide their true identities, locations, and allegiances.