All encrypted data will eventually become vulnerable to quantum computing along with the secrets they hold.
Stories by Christopher Burgess
Investigators claim Ubiquiti employee Nikolas Sharp stole company data and then played the role of whistleblower to draw attention away from is actions.
PIPL's data localisation mandate places unique requirements on businesses operating in China, and regulators have great leeway to assess fines.
Attackers broke into the Twitch house and cleaned out everything. Following least-privilege access principles will help others avoid that scenario.
Device / machine identity, especially in association with robotic process automation, can be a conduit for intentional and unintentional insider breaches.
The ransomware keys might have been acquired by an ally, which would invoke the third-party doctrine where the decision to release was not the FBI's alone.
With internet blocks and high-profile arrests, Russia shows it can crack down on cybercrime when properly motivated.
Nearly every employee leaving a company takes data or intellectual property, but few companies adequately screen and monitor for it. Recent court cases underscore the risk.
Although the company informed its OEM customers of the vulnerability, users of IoT devices running its QNX OS were potentially kept in the dark.
Employee use of unauthorised apps have resulted in high-profile data losses. CISOs need to understand why shadow IT exists before addressing it.
Cybersecurity and Infrastructure Security Agency alert details past network compromises and exposes a lack of preparedness among ICS companies.
CISOs should leverage this guidance to help get the resources they need to make these attacks too costly for nation-state threat actors and criminals.
Sensitive company and personal data often leaves organisations on disposed devices. Data may be at risk when equipment is recycled.
DarkSide attack on Colonial is yet another wake-up call for companies to harden systems but history suggests that might not happen.
Microsoft's apparent misconfiguration of its own cloud bucket exposed third-party intellectual property. Here are the takeaways for CISOs.