Zoom Video Communications, the maker of the popular Zoom video conferencing solution, has agreed to settle allegations made by the US Federal Trade Commission (FTC) that it “engaged in a series of deceptive and unfair practices that undermined the security of its users.” The settlement requires Zoom to – among other things – establish and…

Greenbone Networks revealed the findings of a research assessing critical infrastructure providers’ ability to operate during or in the wake of a cyberattack. The cyber resilience of critical infrastructures The research investigated the cyber resilience of organizations operating in the energy, finance, health, telecommunications, transport and water industries, located in the world’s five largest economies:…

One of the most challenging executive tasks for CISOs is quantifying the success and the value of the cybersecurity function. Indeed, security leaders and their organizations have used a myriad of metrics over the years. Yet, many executives and board members have complained that those measures failed to provide them with adequate insight or understanding…

In 2020, IoT Security Must Be Part of Your Threat Management Strategy

Internet-enabled devices are emerging more and more in business and personal environments. Often going unnoticed, they simply appear within network infrastructures, using wired or wireless connections and expanding the enterprise attack surface. In fact, enterprises nowadays likely have more internet of things (IoT) devices on their networks than traditional endpoints — according to Armis, by…

Which ten software vulnerabilities should you patch as soon as possible (if you haven’t already)? Recorded Future researchers have analyzed code repositories, underground forum postings, dark web sites, closed source reports and data sets comprising of submissions to popular malware repositories to compile a list of the ten most exploited vulnerabilities by cybercriminals in 2019.

It sounds simple: A scanner identifies a vulnerability, the vulnerability is patched. What happens in between, however, can be far from simple. Yet if you are not on a security team or, more specifically, a vulnerability management team, you would never know the bumpy, winding road that often stretches between scanning and patching. The Patch…

There was a time when companies were hesitant about their IT and security teams using automation to discharge some of their duties. “I think much of that was due to the feeling that if a task was automated and something went wrong, IT was not in control and did not have as much visibility,” Candace…

Cybersecurity performance is critical to achieving commercial success, according to a BitSight study. Among the study’s most interesting findings is that nearly two in five (38 percent) of enterprises admit that they have lost business due to either a real or perceived lack of security performance within their organization. Based on a survey of 207…

Like rust, risk never sleeps. As mobile devices flood the enterprise (especially for a younger generation of workers), the internet of things (IoT) expands, and cybercriminals grow in both numbers and sophistication, many security professionals think zero trust is the safest approach to defending against constantly evolving network and data security threats. Network vulnerabilities can…

How mainstream media coverage affects vulnerability management

For better or for worse, mainstream media is increasingly covering particularly dangerous, widespread or otherwise notable security vulnerabilities. The growing coverage has made more people aware of the risks and of the need to keep their various devices (software) up-to-date and, with the increased digitization of our everyday lives, I would say that’s a definitive…