Cybersecurity Insurance: Signals Maturity to Partners, Improved Security Response
A newly released report, Forrester’s The State of Cyber, 2024 finds about 83% of organizations currently maintain cybersecurity insurance, and such policyholders tend to possess improved ability to detect and respond to attacks ... Read More
Why Policy-as-Code is the Best Way to Streamline Authorization
A Styra survey found that policy-as-code is vital for organizations' preventative security and compliance objectives ... Read More
AI More Helpful Than Harmful in Cybersecurity
The majority of of IT security managers see the use of AI in security tools as helpful rather than a threat they must defend against ... Read More
AI Essential to Secure Dev, Successful DevSecOps—Yet Risks Abound
When finding security vulnerabilities within software built by in-house developers, there’s good reason to believe that development teams, thanks in part to the help of AI tools, are actually “shifting left” when developing secure code. At least, that’s one of the findings from a survey of 1,001 senior technology executives ... Read More
Will Consumers Punish Vendors That Suffer a Data Breach?
If a new survey from API and application protection vendor ThreatX is accurate, a majority of U.S. consumers are less likely to work with a company following a data breach. At least, they claim that they are. The ThreatX survey highlighted consumers’ evolving attitudes toward data breach concerns and their ... Read More
Organizations Preparing for Cyberwar
Perhaps—just maybe—2022, mainly due to the Russian invasion of Ukraine and the use of offensive digital operations, will go down as the year executives started taking the threat of cyberwarfare as a realistic risk against their operations. This week, device security platform provider Armis took a stab at quantifying the ... Read More
Mitigating the North Korean Cybersecurity Threat
Cybersecurity firm Kaspersky recently published an analysis that detailed how a North Korean threat actor, which it called the BlueNoroff group, is stealing cryptocurrency by bypassing the “Mark of the Web” flag security feature within the Windows operating system. Kaspersky’s advisory is only the latest in a string of cybersecurity ... Read More
NIST Completes Satellite Command-and-Control Guidance
NIST’s popular cybersecurity framework is finally ready for space. Well, not really outer space—but it will be applied to the security of ground satellite command-and-control systems. In recent years, the security of satellites has caught the attention of the military and lawmakers. Col. Jennifer Krolikowski, chief information officer at U.S ... Read More
FDA, MDIC and MITRE Publish Medical Device Threat Modeling Playbook
Modern medical devices are complex, networked and often vulnerable to attack. With that in mind, the U.S. Food and Drug Administration (FDA) has funded the development of a playbook for threat modeling by the Medical Device Innovation Consortium (MDIC) and MITRE. The playbook is designed to help health care organizations ... Read More
Health Care Under Cyberattack: Unprotected Medical IoT Devices Threaten Patient Care
Connected devices bring organizations more information and convenience, but they also increase an organization’s attack surface—and medical devices are no different. According to a survey released by reviews platform provider Capterra, as health care organizations connect more medical devices to their network, they are also attacked more often. Capterra’s 2022 ... Read More
