AI More Helpful Than Harmful in Cybersecurity
The majority of of IT security managers see the use of AI in security tools as helpful rather than a threat they must defend against ... Read More
AI Essential to Secure Dev, Successful DevSecOps—Yet Risks Abound
When finding security vulnerabilities within software built by in-house developers, there’s good reason to believe that development teams, thanks in part to the help of AI tools, are actually “shifting left” when developing secure code. At least, that’s one of the findings from a survey of 1,001 senior technology executives ... Read More
Will Consumers Punish Vendors That Suffer a Data Breach?
If a new survey from API and application protection vendor ThreatX is accurate, a majority of U.S. consumers are less likely to work with a company following a data breach. At least, they claim that they are. The ThreatX survey highlighted consumers’ evolving attitudes toward data breach concerns and their ... Read More
Organizations Preparing for Cyberwar
Perhaps—just maybe—2022, mainly due to the Russian invasion of Ukraine and the use of offensive digital operations, will go down as the year executives started taking the threat of cyberwarfare as a realistic risk against their operations. This week, device security platform provider Armis took a stab at quantifying the ... Read More
Mitigating the North Korean Cybersecurity Threat
Cybersecurity firm Kaspersky recently published an analysis that detailed how a North Korean threat actor, which it called the BlueNoroff group, is stealing cryptocurrency by bypassing the “Mark of the Web” flag security feature within the Windows operating system. Kaspersky’s advisory is only the latest in a string of cybersecurity ... Read More
NIST Completes Satellite Command-and-Control Guidance
NIST’s popular cybersecurity framework is finally ready for space. Well, not really outer space—but it will be applied to the security of ground satellite command-and-control systems. In recent years, the security of satellites has caught the attention of the military and lawmakers. Col. Jennifer Krolikowski, chief information officer at U.S ... Read More
FDA, MDIC and MITRE Publish Medical Device Threat Modeling Playbook
Modern medical devices are complex, networked and often vulnerable to attack. With that in mind, the U.S. Food and Drug Administration (FDA) has funded the development of a playbook for threat modeling by the Medical Device Innovation Consortium (MDIC) and MITRE. The playbook is designed to help health care organizations ... Read More
Health Care Under Cyberattack: Unprotected Medical IoT Devices Threaten Patient Care
Connected devices bring organizations more information and convenience, but they also increase an organization’s attack surface—and medical devices are no different. According to a survey released by reviews platform provider Capterra, as health care organizations connect more medical devices to their network, they are also attacked more often. Capterra’s 2022 ... Read More
Enterprises Fear Continued API Sprawl, Security Weaknesses
There’s no doubt that APIs enable developers to better customize their applications. Yet the continued growth and success of APIs as the glue that holds together digital transformation is proving to increase risk and create API manageability challenges. Axway’s 2022 Open Everything Strategy Survey results revealed the top concerns among ... Read More
Forrester: Rethink Reliance on Professional Certifications
To many IT and security professionals, industry certifications are a necessary evil. Primarily due to common—yet increasingly questioned—hiring practices, certifications are vital for entry-level cybersecurity workers who need to establish a baseline understanding to potential employers. However, Forrester concluded such certifications might hurt the cybersecurity talent pool in both the ... Read More
