Security News

Cybersecurity crisis in schools
2024-02-26 04:00

Primary school systems handle sensitive data concerning minors, while higher education institutions must safeguard intellectual property data, making them prime targets for cyberattacks, according to Trustwave. Strong cybersecurity measures protect student data and enable teachers to do their jobs effectively without fear of disruptions or data breaches.

Should IT and Security Teams Play a Role in Crisis Communications?
2024-02-21 15:39

CISOs have clear communications role during cyber security incidents. "In the event of a major cyber security incident, the CISO should be prepared to step into a crisis management role. They should understand how to bring clarity to the situation and communicate effectively with internal and external stakeholders," according to the ASD. More Australia coverage How IT and security leaders should prepare to manage crisis communications.

Orgs are having a major identity crisis while crims reap the rewards
2024-02-21 08:15

Identity-related threats pose an increasing risk to those protecting networks because attackers - ranging from financially motivated crime gangs and nation-state backed crews - increasingly prefer to log in using stolen credentials instead of exploiting vulnerabilities or social engineering. In two separate reports published on Wednesday, IBM X-Force and security biz CrowdStrike found a huge surge in cyber attacks using valid credentials and other techniques spoofing legitimate users.

Romanian hospital ransomware crisis attributed to third-party breach
2024-02-14 15:48

The Romanian national cybersecurity agency has pinned the outbreak of ransomware cases across the country's hospitals to an incident at a service provider. All hospitals caught up in the ransomware scourge are thought to have been breached via the HIS. Per legal reporting obligations in Romania, service providers must inform the DNSC and national CSIRT of incidents that significantly impact the continuity of essential services.

Proactive cybersecurity: A strategic approach to cost efficiency and crisis management
2024-01-31 05:30

We examine the benefits of adopting a proactive cybersecurity approach, particularly in terms of cost efficiency and crisis management, and explore the impact of offensive security testing on compliance and zero-day response. A zero trust approach to cybersecurity has become the go-to model for many organizations because it embraces a framework that layers nicely across every possible threat vector.

Ransomware recap 2023 highlights cybersecurity crisis
2024-01-30 05:00

In this Help Net Security video, Yochai Corem, CEO of Cyberint, explores the ransomware environment's development, effects, and emerging patterns throughout the previous year. 2023 marked a historic high for ransomware groups, with a 55.5% increase in attacks, reaching 4,368 victims globally, according to Cyberint.

Ransomware negotiation: When cybersecurity meets crisis management
2024-01-18 05:00

He discusses ransomware gangs, the role of cyber insurance, and how governments and regulatory bodies are responding to the ransomware threat. In light of the increasing sophistication of ransomware attacks, can you discuss the dynamics of negotiating with ransomware gangs? How do these negotiations typically unfold, and what are the critical business considerations during these interactions?

If you prepare, a data security incident will not cause an existential crisis
2024-01-09 06:00

Why is it that when a company becomes aware of a potential data security incident, the team working on it have an immediate and overwhelming feeling that the company is doomed? And yet, when there's another kind of high-risk event, such as an ethics investigation, it doesn't cause the same apocalyptic feelings? Cybersecurity professionals in legal and IT security departments have key roles in working through a data security incident, but often fail to build up a trusted relationship in advance.

Australian Government’s ‘Six Cyber Shields’ Is Potentially a Well-Meaning Skills Crisis
2023-09-26 16:01

This forms a core part of the upcoming 2023-2030 Cyber Security strategy, and it aims to build six cyber shields in service of citizens, businesses and government at all levels. As well-meaning as this initiative is, there are many implications about the impact the six cyber shields approach will have on Australian businesses.

EU’s financial institutions face cyber resilience crisis
2023-08-01 03:00

84% of financial institutions have been exposed to a fourth-party breach - illustrating how a vast web of unseen risks are hiding in plain sight. "If nearly 20% of the most well-resourced financial entities in the EU have grades of C or worse, then it's likely that the overall cyber resilience for other financial entities is actually much lower," said Matthew McKenna, Chief Sales Officer, SecurityScorecard.