Backend operation services provider InfoTrax Systems has reached a settlement with the U.S. Federal Trade Commission (FTC) over a data breach discovered in 2016, the agency announced this week.Utah-based InfoTrax provides multi-level marketers with a variety of services, including compensation, inventory, accounting, and training, as well as data security, i

Canada's spy agencies are divided over whether or not to ban Chinese technology giant Huawei from fifth generation (5G) networks over security concerns, the Globe and Mail reported Wednesday.The Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment (CSE) were tasked with conducting a cybersecurity review to evaluate the

China on Tuesday blasted as "economic bullying" a US proposal to block telecom carriers buying from Chinese tech companies Huawei and ZTE.The US Federal Communications Commission (FCC) said on Monday that the proposed rules -- which also require carriers to remove any existing Huawei and ZTE equipment -- were part of an initiative to "safeguard the nation's

Basic Cyber Hygiene is Lakcking and Now is the Time to Make it RoutineA good quality control (QC) consultant is great at focusing on core principles. Want to prioritize your biggest problems? Build a Pareto chart. Want to engage in continuous quality improvement? Follow the “plan, do, check, adjust” formula.In cybersecurity, numerous surveys have already plo

Two senior US senators called for the government to study national security risks possibly posed by Chinese-owned video app TikTok, saying it could leave American users vulnerable to Beijing's spying.With 500 million users worldwide, TikTok has exploded in popularity in the past two years, offering a platform to produce and publish music-synced videos up to

ATLANTA — SECURITYWEEK 2019 ICS CYBER SECURITY CONFERENCE — Some of the recent cybersecurity incidents involving industrial control systems (ICS) have resulted in injury and even loss of life, according to a survey conducted by Control Systems Cyber Security Association International (CS2AI).CS2AI is a non-profit organization focused on the growth and expans

My previous column on security metrics seemed to generate quite a bit of interest.  This tells me that metrics is a topic that, while challenging, is also important and at the top of the priority list for security organizations.An unfortunate, though timely news story brings me an apt analogy for this week’s piece.  A few weeks back, a woman e

Several major tech and cybersecurity companies have joined forces for a new initiative called the Operational Technology Cyber Security Alliance (OTCSA), which aims to help industrial and critical infrastructure organizations address challenges related to OT security by providing guidance and resources.Founding members of OTCSA include equipment manufacturer

One the most significant challenges facing cybersecurity professionals today is the need to simplify and consolidate their existing cybersecurity infrastructure. This is a trend that I saw time and time again over my 33-year career at the National Security Agency (NSA) and USCYBERCOM. In my senior technical roles there, I was responsible for driving major in

ATLANTA — SECURITYWEEK 2019 ICS CYBER SECURITY CONFERENCE — Outdated and unsupported operating systems are still present and they still pose a serious risk in many industrial organizations, according to a new report from industrial cybersecurity firm CyberX.The company’s 2020 Global IoT/ICS Risk Report is based on data passively collected by CyberX from over

Microsoft this week announced the public preview of a new feature that allows enterprise users to check their Azure Active Directory sign-ins for any unusual activity.Dubbed Azure AD My Sign-In, the new feature provides users with information on any attempts to guess a password, tells them whether the attacker managed to successfully sign in to the account,

The global and interconnected nature of business today means that no company or organization is an island. Every modern business relies on many others, either as part of the supply or distribution chain, or for value-added services like accounting and social media marketing. But employing a third party adds risk, especially if that company is given some

Identity authentication is absolutely necessary to conducting our affairs today. Without it, we would lose virtually all confidence to conduct business or create and foster relationships. But with ever increasing concerns related to data privacy, it is worth looking at the past to see what future challenges we may face in the digital identity space. From Jew

The calculus for disaster recovery and risk management is changing. Most small businesses within the past decade would often keep many of their critical technology assets locally, perhaps in a server closet, or a centralized data center for multiple offices. They built their own “vault” of applications, databases, email, files, etc., often on a few physical

Chinese telecom company Huawei on Tuesday criticized the Estonian government and media for spreading what it says are “arbitrary and unfounded” allegations about cybersecurity risks related to the company’s mobile phones.Hong Yang, head of Huawei’s Baltic consumer business, said in a statement that the company “is always ready to defend its rights and intere