Information Security Incident Response
- April 02, 2020
The 2020 Beazley Breach Briefing reported a 131% increase in reported attacks against clients last year, and the insurance giant isn't expecting the trend to slow down.
- March 24, 2020
Canon Business Process Services was breached last month, according to an announcement by General Electric, which used Canon for employee document processing.
- March 20, 2020
As they grapple with the COVID-19 pandemic, healthcare providers will have free access to a range of ransomware-related services from security vendors Emsisoft and Coveware.
- March 05, 2020
Making payments to threat actors to retrieve data was once viewed in black-and-white terms. But RSA Conference attendees say attitudes about paying up have changed drastically.
- February 26, 2020
At an RSA Conference 2020 panel, Target explained how the company is using war gaming to simulate real attacks and data breaches in order to hone its incident response plan.
- February 25, 2020
At RSA Conference, Colorado CISO Deborah Blyth gave an inside look at the state's response and recovery effort following a devastating SamSam ransomware infection in 2018.
- February 24, 2020
At RSA Conference 2020, Cisco unveiled SecureX, which integrates the vendor's security portfolio into a single platform with enhanced visibility and automation.
- February 19, 2020
Ransomware spread to a number of city, state and local governments across the U.S. in 2019. Threat researchers weigh in on the increased attacks and what to expect in 2020.
- January 07, 2020
Accenture agreed to acquire Symantec's Cyber Security Services business from Broadcom, less than six months after Broadcom acquired Symantec's enterprise business.
- December 19, 2019
Another confirmed ransomware attack, this time against Busch's Fresh Food Markets, was added to the Maze gang's ransomware shaming list after the company refused to pay the ransom.
- December 10, 2019
A cyberattack, later confirmed to be ransomware, hit the city of Pensacola, Florida on Saturday, and the city is currently in the process of responding.
- December 10, 2019
The threat actors behind Ryuk ransomware made changes to their code that have made the official decryption tool unreliable, according to security researchers.
- November 21, 2019
Ohio is building a 'Cyber Reserve,' a civilian cybersecurity force alongside the state's National Guard that will be deployed to help local governments recover from cyberattacks.
- November 19, 2019
A CrowdStrike study revealed it takes enterprise security teams almost seven days of nonstop work to detect, investigate and contain the average incident.
- November 08, 2019
ConnectWise warned that ransomware attacks are targeting open ports for its Automate on-premises application, but the company has offered few details about the nature of the attacks.
- October 25, 2019
Cyber insurance carriers are assuming greater control over how enterprises conduct incident response, which has caused angst and frustration among some security vendors.
- October 23, 2019
Avast was able to stop an attempted supply chain attack targeting its CCleaner software, but experts say all enterprises should be wary of similar supply chain attacks.
- March 20, 2019
Aluminum manufacturer Norsk Hydro was hit with ransomware that forced a switch to manual operations. The company's incident response has experts impressed.
- February 21, 2019
CrowdStrike's annual global threat report highlights why speed is critical for cybersecurity defenders. Experts sound off on key findings, including the rise of 'big game hunting.'
- January 22, 2019
DerbyCon co-founder Dave Kennedy discusses his decision to close down the conference and what he would have done differently.
- November 30, 2018
News roundup: A Spectre v2 mitigation causes significant performance slowdowns in Linux 4.20. Plus, Dell had to reset user passwords after a data breach, and more.
- August 31, 2018
News roundup: A new Apache Struts vulnerability was exploited in the wild mere days after it was patched. Plus, Facebook removes app over privacy concerns and more.
- August 13, 2018
During a Black Hat 2018 session, Google, Microsoft and Red Hat offered a behind-the-scenes look at the disclosure and response effort for Meltdown and Spectre.
- August 09, 2018
During a panel discussion at Black Hat 2018 on Meltdown and Spectre, Google explained how miscommunication left the company's incident response out of the early disclosure process.
- July 17, 2018
Accenture's Justin Harvey spoke at RSA Conference 2018 about his experiences with incident response and his views on the importance of cyber attribution.
- June 18, 2018
Accenture's Tammy Moskites spoke with SearchSecurity at RSA Conference 2018 about the daunting challenges CISOs face today and how the position may be changing.
- February 14, 2017
Zulfikar Ramzan opens RSA Conference 2017 by reminding enterprises that just as cyberattacks have long-tail repercussions, so too do collaborative security decisions made in business.
- July 08, 2016
In a move to support the development of global cybersecurity norms, Microsoft calls for improved cyber attribution to identify cyberattack perpetrators.
- August 07, 2015
In the wake of a major cyberattack, the process of rebuilding IT security can be daunting, but Christina Kubecka has some tips from her experiences with Saudi Aramco after a massive attack in 2012.
- April 22, 2015
Huawei's U.S. CSO pitched the rigor of its supply chain security processes to RSA Conference 2015 attendees, but they remained skeptical at best on whether to trust the Chinese networking and security vendor.
- January 23, 2015
News roundup: An of onslaught Adobe, Oracle, OpenSSL, Chrome and Firefox patches highlights the sad state of software security in 2015. Plus, security budgets increasing; HealthCare.gov security woes; false-positive alerts cost millions annually.
- April 11, 2014
FireEye and Palo Alto Networks take issue with the new NSS Labs report on breach-detection systems, calling the review process into question.
- March 25, 2014
Innovative threat detection products like FireEye and Damballa aren't being deployed inline and that lack of trust poses incident response challenges.
- March 06, 2014
Speakers at RSA Conference 2014 said information security incident response teams must identify and prep key participants well before incidents occur.
- January 28, 2014
The Online Trust Alliance marks Data Privacy Day with events to help enterprises plan for inevitable data protection and privacy incidents.
- March 27, 2013
Panelists at the SANS Cyber Threat Intelligence Summit lament the challenges of using cyber-intelligence to thwart enterprise security threats.
- March 19, 2013
Providing order and security for the Internet in Yemen, where half of the population is under 18, could provide opportunity in a faltering nation.
- December 03, 2012
The SANS Institute NetWars CyberCity aims to boost critical infrastructure protection and incident response in a unique training environment.
- November 20, 2012
Sharing practical threat data can reduce the "dwell time" of an attacker and better detect and contain problems, said Tom Heiser, president of RSA.
- June 14, 2012
Users are told to create strong passwords, but the LinkedIn hacking showed strong passwords are no defense when the application provider is attacked.
- April 04, 2012
Blunt experts at InfoSec World said enterprise IT security strategy often misses the mark, but some attendees suggested the experts are out of touch.
- April 02, 2012
Outdated SIEM systems were difficult to deploy and costly to maintain, according to one expert. Today, CISOs are considering highly integrated, lightweight systems with more automation.
- November 15, 2011
Enterprises swayed by vendor marketing and a lack of understanding still fail to adequately counter advanced persistent threats (APT).
- June 30, 2010
Targeted attacks like Operation Aurora require organizations to change up their security strategy, experts say
- June 15, 2010
A malicious link in an instant message set the stage for a well-coordinated network infiltration of Google's systems. Subtle clues helped investigators trace the attacker's steps.
- March 03, 2010
Sharing breach data with law enforcement is necessary for fighting sophisticated online criminals, panelists say.
- January 25, 2010
A Ponemon Institute study of 45 businesses found data breach costs increased last year to $204 per compromised record, a rise of $2 per customer record over 2008 costs.
- January 18, 2007
Security experts are mixed on whether TJX acted properly following a massive data breach last month. One expert says potential victims should have been notified sooner.
- May 03, 2006
The U.S. Cyber Consequences Unit says enterprises must take specific measures to shore up their defenses, otherwise they could be vulnerable to attackers who not only steal data, but also manipulate it.
- April 14, 2006
The credit card processor's new vice president of security and compliance is convinced he can restore the company's reputation after it made the evening news.
- April 14, 2006
The organization's director of security grappled with the fine mess done by one of its own. Part of the Security All-Star Survivor series.
- January 12, 2006
What use are firewalls and intrusion prevention systems if insecure digital documents reveal all of an enterprise's best-kept secrets? That's the question many security experts are asking in the wake of several high-profile incidents in which ...
- February 01, 2004
A network incident response plan enables the split-second reactions necessary to survive next-generation attacks.
- November 10, 2003
Enterprises need computer incident response teams to address system breaches, evidence gathering and other investigative duties, an expert said.
- April 01, 2003
In the wake of an incident, CISOs should make the most of the opportunity to increase information security budgets.