Security News

While every organization's specific security needs form a unique and complex blend of interconnected requirements, numerous security fundamentals almost always apply to each of these groups. It stands to reason that cybersecurity pros who effectively identify network and systems risks and who standardize methods of mitigating those vulnerabilities are likely to experience less stress and volatility.

Nathan Wenzler, chief security strategist at cyber security firm Tenable, said state-sponsored threat actors typically infiltrate by stealth and spread. Wenzler said Australian organisations should treat them as seriously as other actors or face serious risk during a geopolitical conflict. The Australian Cyber Security Centre found total reports of cybercrime were up by 23% to 94,000 in the year to June 2023, attributing part of that increase to state-sponsored attacks against critical infrastructure.

All company communication needs may vary but certain standard template messages can come in handy for IT staff to keep employees up to date on "Need to know" informational bulletins. A formal set of message templates will allow you to deliver both event-based and proactive communications, which ensures that everyone is up to speed on critical developments, projects and company policies.

CISOs have clear communications role during cyber security incidents. "In the event of a major cyber security incident, the CISO should be prepared to step into a crisis management role. They should understand how to bring clarity to the situation and communicate effectively with internal and external stakeholders," according to the ASD. More Australia coverage How IT and security leaders should prepare to manage crisis communications.

Webinar The complexity facing businesses as they make the necessary transition to cloud-native applications and multi-cloud architectures keeps cloud teams firmly on the frontline when it comes to implementing security policies. The constant risks of misconfiguration and malicious attack demand that already overstretched cloud security practitioners have to find a more effective way of keeping pace with the challenge.

Review and manage your consent Here's an overview of our use of cookies, similar technologies and how to manage them. Webinar It was growing threat levels and an increase in reported cybersecurity attacks since digitalization which pushed the European Union to introduce the original Network and Information Security Directive in 2016.

In 2024, API requests accounted for 57% of dynamic internet traffic around the globe, according to the Cloudflare 2024 API Security & Management Report, confirming that APIs are a crucial component of modern software development. Poor API security practices can also have regulatory and legal consequences, cause disruption to company operations and even result in intellectual property theft.

There is good news, however: high-severity security flaws in applications have decreased by half since 2016, indicating progress in software security practices and that speed of remediation has a material impact on critical security debt. The report reveals development teams that fix flaws the fastest reduce critical security debt by 75%-from 22.4% of applications to just over 5%. Moreover, these fast-acting teams are four times less likely to let critical security debt materialize in their applications in the first place.

The Android banking trojan known as Anatsa has expanded its focus to include Slovakia, Slovenia, and Czechia as part of a new campaign observed in November 2023. "Some of the droppers in the...

State and county officials have been urged to use paper ballots wherever possible over electronic ones, and ensure all election offices have procedures in place to handle potentially lethal substances, specifically fentanyl, anthrax, and ricin. On election threats, "We anticipate AI being leveraged for deception campaigns," said Michelle Alvarez, strategic threat analysis manager for IBM X-Force.