Lynn Peachey, the director of business development at Arete Incident Response, says that insurance companies have made "a pretty quick turnaround in terms of trying to respond to the ransomware epidemic." She discusses the changes they are making, which include leveraging data quantification.

New legislation mandating cyber incident reporting for critical infrastructure providers within 72 hours, and the reporting of ransom payments within 24 hours, is "groundbreaking," says former National Security Agency deputy commander Tim Kosiba, CEO of security firm bracket f.

The latest edition of the ISMG Security Report analyzes the latest cyberthreats to the energy sector as Russia's invasion of Ukraine continues. It also examines best practices for Customer Identity and Access Management and how healthcare institutions can sharpen their defense strategies.

This edition discusses the latest episode of "The Ransomware Files," which covers the REvil ransomware gang's 2021 attack on Kaseya. It also examines how healthcare entities can prepare for potential spillover attacks from the hybrid Russia-Ukraine war and highlights from ISMG's Chicago Summit.

The REvil ransomware gang's attack against the U.S. software company Kaseya in July 2021 is one of the largest and most intriguing ransomware attacks of all time. Here's the inside story of how the attack went down and how organizations recovered.

This edition analyzes how hackers exploited a misconfigured VPN device, gained access to Viasat's satellite network and caused a massive outage in Europe as Russia's invasion of Ukraine began. It also examines the invasion's impact on financial services and how to modernize security operations.

The latest edition of the ISMG Security Report reviews the latest cyber resilience "call to action" from the White House and also explores authentication provider Okta's failure to inform hundreds of customers in a timely manner that their data could have been stolen by the Lapsus$ group.

This report analyzes how sanctions levied against Russia and Belarus for the invasion of Ukraine are affecting security researchers in those countries who participate in bug bounty programs. It also examines lessons to be learned from data breaches and developments in passwordless authentication.

XDR: Because it's new to the market, it comes with a trail of hype. Stephen Davis of Rapid7 cuts through the buzz and discusses four tangible business benefits that are likely from XDR adoption - including high-fidelity detections and accelerated incident response.

Gary Hibberd, known as "The Professor of Communicating Cyber" at cybersecurity services provider Cyberfort Group, discusses the biggest changes made since 2013 to the ISO 27001 international standard for an information security management system, which helps organizations secure their data assets.