The latest edition of the ISMG Security Report discusses why too few organizations admit to being victims of ransomware attacks, how delayed enterprise subscription start dates forced CrowdStrike to cut sales forecasts, and leveraging threat intelligence to protect critical infrastructure.

Why Ransomware Victims Avoid Calling It 'Ransomware'

Exclusive, insightful audio interviews by our staff with government/security leading practitioners and thought-leaders.  Transcripts are also available on our site!

Technology

Tech News

Podcasting

Gadgets

Software How-To

Government & Organizations

Non-Profit

National

Regional

Local

A recent White House memo on bolstering the security and resiliency of critical infrastructure sectors calls for comprehensive mapping and risk assessment of all critical components and interdependencies within the healthcare ecosystem, said Greg Garcia of the Healthcare Sector Coordinating Council.

What's in Biden's Security Memo for the Healthcare Sector?

Semperis researcher Eric Woodruff discovered Silver SAML - a new technique used to launch attacks from an identity provider against applications configured to use it for authentication. How does it differ from Golden SAML, and how can enterprises respond to the threat? Woodruff shares insight.

Silver SAML Threat: How to Avoid Being a Victim

Updating software as new vulnerabilities are discovered persistently remains a top medical device cybersecurity challenge, said David Brumley, a cybersecurity professor at Carnegie Mellon University and CEO of security firm ForAllSecure. Solving this requires a major mindset shift, he said.

The Challenges in Keeping Medical Device Software Updated

Oomnitza co-founder and CEO Arthur Lozinski discusses enterprise technology management - a solution that brings software, hardware and infrastructure asset management together in a single database and uses automation to set and enforce policies for the enterprise as a whole.

Enterprise Technology Management: No Asset Management Silos

Security awareness training is maturing as security teams recognize the need to secure the "human element" of cyber risk. But in the face of more sophisticated attacks using MFA bypass techniques, APTs and AI, it's time for organizations to create more tailored education programs.

Why Ransomware Victims Avoid Calling It 'Ransomware'

Download our free app to listen on your phone