The Biden administration unveiled a package of supply chain and critical infrastructure security initiatives following a meeting at the White House with tech executives and others. Companies such as Google and Microsoft also promised billions in spending on cybersecurity over the next several years.
The biggest security gaps emerge as enterprises transition from old to new ways of working. Quentyn Taylor of Canon for Europe and Chandrodaya Prasad of Cisco's Security Business Group are most concerned about the gap between NetOps and DevOps.
An attacker added a backdoor to the source code for PHP, an open-source, server-side scripting language used by more than 75% of the world's websites. Core PHP project members say the backdoor was quickly removed.
To help prevent and defend against emerging cyberthreats, CISOs must develop a multi-line defense strategy and invest in threat-hunting capabilities and orchestration, a panel of cybersecurity experts advises.
He started his cybersecurity career as a pen tester. As a result, Gong CISO Jack Leidecker retains an affinity for the tech community and emerging tools. He shares insight on this passion and his drive to ensure security’s role in business enablement.
Watch this episode of the "On The Road to DevSecOps" series to learn from a group of DevOps experts on why AppSec Awareness and Training matters and how to give your developers secure coding education that works.
Software is at the center of it all, placing increased pressure on developers, security managers, and DevOps leaders to develop applications faster. However, this need for speed comes at a price, and security can be seen as a blocker and not an enabler. Watch this webinar to understand why it's time to prioritize your...
Autonomous vehicle manufacturers are advised to adopt security-by-design models to mitigate cybersecurity risks, as artificial intelligence is susceptible to evasion and poisoning attacks, says a new ENISA report.
Enterprises can enhance cloud security by taking several steps, including adopting the secure access service edge, or SASE, concept and using a proxy firewall, says Nick Savvides of Forcepoint.
Organizations in the APAC region are not immune to the impact of the SolarWinds supply chain hack, so it's essential that they reassess their risk management practices and audit their suppliers, two security experts stress.
Investigators probing the supply chain attack that hit SolarWinds say attackers successfully hacked the company's Microsoft Visual Studio development tools to add a backdoor into Orion network monitoring security software builds. They warn that other vendors may have been similarly subverted.
To enhance organizations' security postures in the year ahead, CISOs must strengthen authentication processes, increase the use of network segmentation tools and deploy effective threat intelligence capabilities, two CISOs recommend.
In the wake of the SolarWinds breach, NIST's Ron Ross has turned his attention to systems security engineering - and the reality that the adversaries are exploiting it to their advantage better than the defenders are. This disparity, Ross says, has to change.
Building a cyber-resilient enterprise requires several key steps, including wider use of analytics, addressing security earlier in software development and improving the search for indicators of compromises, according to a panel of experts.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cio.inc, you agree to our use of cookies.