The Biden administration proposed a $9 billion upgrade to the nation’s cybersecurity capabilities as part of his proposed stimulus plan. (Official White House Photo by Adam Schultz) Updating and strengthening cybersecurity can be a costly proposition for small and medium businesses with limited budgets. With that in mind, the Biden administration
Author: Teri Robinson
Microsoft wraps SolarWinds probe, nudges companies toward zero trust
Microsoft closed the book on the SolarWinds investigation. (Microsoft) Following an internal investigation, Microsoft, despite being an early target in the SolarWinds campaign, said none of its systems were used to attack others – a fact the company attributed to its zero trust mindset. The probe also found no evidence of access
Copycats emerge after researcher exploits design flaw to breach Microsoft, Apple, Tesla
After a security researcher was able to breach Tesla, Apple and others, more than 150 copycats emerged, most claiming to be researchers. (“tesla” by smellsofbikes is licensed under CC BY-NC-SA 2.0) Pseudonymous authors published more than 150 copycat packages just three days after Sonatype published research around a software supply chain
Biden to invest in cyber workforce, but without plan to overcome lingering staffing hurdles
President-elect Joe Biden announced funding to modernize secure IT and lure cyber talent to the public sector as part of his plan to stimulate the economy and rebuild in the wake of the pandemic. But cybersecurity experts remain skeptical that the newfound funding focus on cybersecurity will be enough to
With insured losses estimated at $90 billion, did cyber insurance firms dodge financial calamity?
Insured losses from the SolarWinds breach will likely come in around $90 million, according to estimates from a pair of security companies, who claim insurers may have dodged “a catastrophic financial incident.” While newly minted partners BitSight and Kovrr expect the number of SolarWinds victims to grow in the upcoming months,
Privacy 2020: From prepared to alarmed, the year the rubber hit the road
CISOs should be ready to confront the psychology of cybersecurity in 2021
While most organizations are happy to put the pandemic-dominated 2020 behind them, 2021 will bring more of the same security challenges. Information Security Forum Managing Director Steve Durbin Steve Durbin, managing director of the Information Security Forum (ISF), offered SC Media insight into the ISF Annual Threat Update and where IT security
Female CISOs lead global enterprises through unprecedented change
When the pandemic pushed state workers in Colorado home, the state’s security department “became the heroes,” said Deborah Blyth, chief information security officer of State of Colorado. They “saw a new value in our organization,” as the department toiled to provision VPN accounts and scale from 10,000 concurrent sessions to 30,000
Treasury sanctions Russian research institute for Triton attack
The Treasury Department’s Office of Foreign Assets Control sanctioned a Russian government research institution linked to Triton malware targeting industrial safety systems, the first time the U.S. took such an action for an industrial control system attack. Treasury Secretary Steve Mnuchin called out the Russian government for continuing “to engage in
With compliance on the mind, corporate boards up cyber investments
Despite the pandemic, boards are increasing investment in security, and organizations expect their security budgets to expand over the next year. Of the 900 global chief information security officers and information technology decision-makers tapped for Thycotic’s CISO Decisions survey, 77 percent said their boards have okayed investment in new security projects.