IBM’s surprise departure from cybersecurity software this week didn’t just rearrange the competitive landscape — it also reshuffled the procurement plans and vendor relationships for many CISOs rebuilding their SOCs. IBM has agreed to sell the QRadar SaaS portfolio to Palo Alto Networks for an undisclosed sum. After years of development, IBM started rolling out…

The U.K. government released voluntary guidance intended to help artificial intelligence developers and vendors protect models from hacking and potential sabotage. Released on Wednesday, the British government’s AI code of practice lists recommendations such as monitoring AI system behavior and performing model testing. “Organizations in the U.K. face a complex cybersecurity landscape, and we want…

Over the last decade, social engineering cyberthreats have surged among retailers just as the sector’s reliance on customer data, financial transactions and e-commerce platforms has intensified. Social engineering, in which malicious actors exploit human vulnerabilities to obtain personal or financial information, can pose serious risks to retailers. As a result, chief information security officers and…

The concept of “responsible radical transparency” plays a critical role in efforts to improve the state of cybersecurity, said Suzanne Spaulding, former undersecretary, Department of Homeland Security, and Jim Richberg, head of global policy and field CISO as security firm Fortinet. “The shelf life of secrets is vanishingly short,” Spaulding said. “There are tremendous costs…

Since the pandemic forced unprecedented adoption of remote access and delivery of government services, telehealth, and education, cybersecurity has rapidly shot to the top of priority lists for IT leaders. What was once a shiny object that agencies didn’t have the resources to implement is now mission critical. However, governments are grappling with several challenges…

New Biden administration cybersecurity standards for U.S. maritime ports mark a crucial step toward addressing long-ignored vulnerabilities in IT and OT systems across the critical infrastructure sector, experts told Information Security Media Group. An executive order released Wednesday institutes mandatory requirements to report cyber incidents that could endanger “any vessel, harbor, port or waterfront facility.”…

Authorities in Romania confirmed that a ransomware attack that targeted the Hipocrate Information System (HIS) has disrupted operations for at least 100 hospitals. Hipocrate Information System (HIS) is a software suite designed to manage the medical and administrative activities of hospitals and other healthcare institutions. The attack took place on February 11 and encrypted data…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Roundcube Webmail Persistent Cross-Site Scripting (XSS) vulnerability, tracked as CVE-2023-43770, to its Known Exploited Vulnerabilities (KEV) catalog. Roundcube is an open-source web-based email client. It provides a user-friendly interface for accessing email accounts via a web browser. Users can send and receive emails, manage their…