In this interview, Oliver Rochford, Chief Futurist at Tenzir, discusses the strategic integration of automation with human expertise in the field of cybersecurity. He highlights the challenges in ensuring data integrity and provides insights into the considerations when automating advanced tasks.
Overcoming the Cybersecurity Talent Shortage with Upskilling Initiatives
Dr. Lindsey Polley de Lopez, Director of Cyber & Space Intelligence at MACH37, proposes strategies for addressing the ongoing shortage of cybersecurity talent. She emphasizes the importance of upskilling initiatives by companies, educational institutions, and governments.
Inspiring Secure Coding: Strategies for Continuous Improvement
In the realm of software development, secure coding practices are of utmost importance. The article emphasizes the need to foster a security culture within development teams to ensure the integrity and protection of digital systems.
Bridging the Cybersecurity Skills Gap through Cyber Range Training
Debbie Gordon, CEO of Cloud Range, explains the concept of a cyber range and its crucial role in preparing for real-world cyber threats. She emphasizes the importance of realism in cyber training scenarios.
MikroTik Vulnerability Could Jeopardize 900,000 Routers
VulnCheck researcher Jacob Baines warns that a privilege escalation vulnerability (CVE-2023-30799) in MikroTik routers could potentially allow attackers to take control of up to 900,000 devices.
Ivanti Zero-day Exploited in Attack on Norwegian Government
The Norwegian National Security Authority (NSM) confirms that a zero-day vulnerability (CVE-2023-35078) in Ivanti Endpoint Manager Mobile (EPMM) was exploited in an attack that affected 12 Norwegian ministries.
Cl0p Ransomware Attack Targets MOVEit
The Memorial Day attack on vulnerable internet-facing MOVEit Transfer installations has resulted in over 420 known victims. The attack is attributed to the Cl0p ransomware group.
Apple Fixes Exploited Zero-day Vulnerability in All OSes
Apple has patched a zero-day kernel vulnerability (CVE-2023-38606) that was being exploited in iOS, iPadOS, macOS, watchOS, and tvOS.
US AI Giants Commit to Safe and Transparent AI Development
Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI announce their commitment to the safe, secure, and transparent development of artificial intelligence technology.
ZTNA as a VPN Replacement for Application Access
Organizations are increasingly looking for innovative and secure methods to grant network and application access to remote workers. Zero Trust Network Access (ZTNA) is emerging as an effective alternative to traditional VPNs.
Ransomware Groups Target Organizations Worldwide
GuidePoint Research and Intelligence Team (GRIT) reports that 14 new ransomware groups have been targeting organizations globally. In Q2 2023, these groups claimed responsibility for 1,177 publicly posted ransomware victims.
National Cyber Strategy Implementation Plan
The recently published National Cybersecurity Strategy Implementation Plan (NCSIP) is discussed by Kelly Rozumalski, a Senior VP at Booz Allen. The plan aims to enhance national cyber defense capabilities.
Step-by-step Guide for Patching Software Vulnerabilities
Effective patch management requires consideration of various factors such as organizational size, IT environment complexity, criticality of systems, and resource allocation.
Cost of Data Breaches Reaches All-time High
According to IBM’s Cost of a Data Breach Report, the global average cost of a data breach has reached $4.45 million in 2023, marking a 15% increase over the past three years.
CISOs Combat Rising Threat of B2B Fraud
Alex Beavan, Head of Ethics and Anti-Corruption at Convera, shares insights into how fraudsters target businesses and emphasizes the importance of combating B2B fraud.
Layering Security to Avoid Legal Repercussions
CISOs have a responsibility to protect customer data and address breaches. Layering security measures is essential to Avoid Legal Repercussions.
Zero Trust Gaining Momentum
Eighty-two percent of experts are currently working on implementing zero trust, with an additional 16% planning to begin within the next 18 months.
Converging Networking and Security with SASE
Omri Guelfand, VP of Product Management and SASE/Networking as a Service at Cisco Meraki, discusses the convergence of networking and security with Secure Access Service Edge (SASE).
SEC Adopts New Cybersecurity Incident Disclosure Rules
The Securities and Exchange Commission (SEC) now requires registrants to disclose material cybersecurity incidents and provide information on their cybersecurity risk management, strategy, and governance on an annual basis.
Strengthening the Digital Supply Chain
Marc Gaffan, CEO at IONIX, highlights the importance of protecting the entire Digital Supply Chain to prevent cyberattacks.
Cryptojacking Continues to Soar
SonicWall reports that digital threat actors are diversifying their malicious attacks, leading to an increase in cryptojacking incidents.
Companies Need Secure Strategies for Generative AI
Despite the widespread adoption of generative AI, many companies lack a coordinated strategy for deploying and securing it, leaving them at risk of potential disadvantages.
Product Showcase: Stellar Toolkit for Exchange
Stellar Toolkit for Exchange offers multiple export options, the ability to recover data from corrupted databases or backups, and the option to export directly to live Exchange Server databases or Office 365.
New Infosec Products of the Week
The latest products featured include offerings from BreachRx, Darktrace, Dig Security, Panorays, and SeeMetrics.
The post Key Factors for Effective Security Automation appeared first on TS2 SPACE.
