Today’s columnist, Rohit Sethi of Security Compass, says security teams need to focus more on standards that deal with secure software development, such as NIST’s 800-160 publication.
A lack of real-time data on inventories, connections, and device communications, combined with reliance on legacy platforms and slow patch management processes have resulted in many providers leaving the door open to attackers.
Today’s columnist, Marcus Kaber of Specops Software, writes that as much as the tech companies are pushing biometrics options like facial recognition, most enterprises still run on legacy passwords.
Today’s columnist, Rickard Carlsson of Detectify, says companies should embrace Gartner’s concept of DevSecOps as the integration of security and compliance testing into an emerging agile IT and DevOps development pipeline.
Many Android device OEMs may have offerings with similar flaws, any of which could provide an avenue in to home networks and even enterprise resources.
Tangible impacts to corporate earnings, combined with the multi-million dollar ransom payouts by Colonial Pipeline and JBS, demonstrate a reality that more and more in the cybersecurity community are beginning to acknowledge: Ransomware is emerging as a cost of doing business, grabbing the attention not just of security leaders, but the entire C-suite, boards, and even Wall Street investors.