Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

With December 9 just weeks away, auto dealerships need to prepare for changes in the FTC Safeguards rule and understand how they’re going to move forward in compliance with the new rule. With roots in the Gramm-Leach-Bliley Act (GLBA), the Safeguards Rule expands the definition of “financial institution” to include a broader swath of industries that provide financial services to customers.

Phishing is one of the most common online security threats. A phishing website tries to mimic a legitimate page in order to obtain sensitive data such as usernames, passwords, or financial and health-related information from potential victims. Machine learning (ML) algorithms have been used to detect phishing websites, as a complementary approach to signature matching and heuristics.

You didn’t change anything in your code, yet the scan is different this time. Here’s advice from an Application Security Consultant on why that may be. Have you ever wondered why you scan code one day and get one result, and then scan the same code a month later and get different results – even though you never changed anything?

When delivering customer experiences from the cloud, defending the app includes the data it houses and the business it represents. The DevSecOps mindset, “You build it, you run it, you secure it” helps, but only when all teams are empowered with the info they need to see a threat, regardless of where it is.

Every security framework recommends that an organization has a cybersecurity training program for all employees, but few give much guidance about what the program should contain. What do you train them on? What actually works? Other than checking a box on the compliance forms, are these programs useful?

Healthcare organisations in the United States are being warned to be on their guard once again, this time against a family of ransomware known as Venus. An advisory from the United States Department of Health and Human Services (HHS) has warned that the cybercriminals behind the Venus ransomware have targeted at least one healthcare entity in the United States, and are known to be targeting publicly-exposed Remote Desktop Servers.

Financial institutions are amongst the most highly targeted organizations for cyber security attacks. To address this, the Reserve Bank of India (RBI) has outlined a list of controls, known as the RBI Guidelines for Cyber Security Framework, for banks to achieve a minimum recommended baseline of cyber attack resilience. Each area carries several detailed specifications from the list of controls outlined by the Reserve Bank of India.

Today’s corporations are more digitized than ever before. Banks, financial institutions, and other corporations rely on remote video verification for client authentication, compliance screening and digital onboarding. It enables onboarding your customers more conveniently and helps secure the platform. With online fraud on the rise globally, businesses are highly targeted usually in the signup process.

Third party cyber risk can be a lot like the wild wild west - it’s hard to predict where your next loss will come from. We know that third-party cyber events can lead to millions of dollars of loss revenue, remediation costs, regulatory fines & more. That’s why Kovrr has made significant updates to their platform to help put a financial quantification on risk derived from your organization’s third parties.

An IDSA study found that 79% of enterprises have suffered an identity-related breach. At ManageEngine, we understand how important identities are to the overall security posture of an organization. That’s why this Identity Security Week, we’re offering a series of blogs to spread awareness about the importance of identity security and what simple measures can help improve the security of your organization. Let’s kick off the series with a trending topic—remote work.