The ability to work from home seems to have seeped into people's consciousness like it's something normal and expected. Employees now ask if they can work remotely when applying for a new job, and companies have to take this into consideration. But these expectations are changing the cybersecurity landscape and force organizations to adapt to a new paradigm in which employees are no longer entirely under the protective umbrella of the corporation. The responsibility for employees' cybersecurity is no longer clear-cut, and new definitions are needed.
- IT security teams face the challenge of a complex, evolving threat landscape
- Threats are increasing in sophistication and the attack surface is expected to grow
- Security tipping point is determined by gaps in time, skills, efficiency and outcomes
- EDR and MDR represents two viable paths you can take to achieve solid security defenses
CDN providers and SaaS companies with content-sharing components (such as DropBox, WeTransfer, SharePoint,etc) are increasingly targeted by cyber criminals for malware. The ease with which users can upload and share content is obviously key, but unfortunately, it is equally appealing for malicious actors to attach malware contents.
This week Bitdefender was named in a press article regarding our decision to release a free decryptor in January 2021 to help those affected by Darkside ransomware. The authors of the article assert that publicly releasing a ransomware decryptor enables malicious actors to modify their methods to evade future decryption, thus increasing the risk of successful future attacks.
In the third and last part of the blog series on Practical Cyber Resilience, I will cover the Approaches, Tactics and Techniques that an organization should use when developing options for improving cyber resilience. In the previous blog, I detailed the practical five-step Cyber Resilience Analysis Process recommended both by NIST and MITRE for enhancing cyber resilience.
We did it! Five of our talented, channel focused ladies including Anamaria Diaconu, Heather Harlos, Paula Enache, Randi Fleming and Samantha Sisk have been honored by CRN in the 2021 Women of the Channel list.
On May 12, 2021, U.S. President Biden signed the highly anticipated Executive Order (EO) on Improving the Nation’s Cybersecurity (and the government issued a fact sheet summary of the contents). U.S. Presidents use Executive Orders (EO) to provide guidance to federal agencies as part of enforcing laws passed by Congress and managing the executive branch of the U.S. Government. This EO is the most detailed ever issued on the topic of cybersecurity in the nation’s history. It has global implications because of the size of the U.S. Federal Government and its purchasing authority for cybersecurity solutions – estimated to be nearly $20 billion annually.
As new threats hit enterprise systems and light up enterprise security dashboards, security analysts need to make swift and accurate decisions so that they can respond in the best way possible. Yet, so many alerts come at any given time that the ability for the typical security team to focus on the alerts that matter can seem impossible.
It seems that every week new news breaks regarding the progress toward reaching practical quantum computing. While this is excellent news for the promised benefits quantum computing will provide, it helps society tackle the biggest problems in computing that traditional computers just can't handle. These include potential breakthroughs in artificial intelligence, the complex modeling involved in nuclear fusion, improved solar cells, cancer, and disease treatments, and financial markets modeling.
Advanced Persistent Threat (APT) groups are at the heart of today’s cyber-espionage efforts. Unlike one-off hackers, APTs distinguish themselves through novel attack techniques, cunning lateral movement across the victim’s infrastructure, swift malware deployment, efficient data exfiltration and – perhaps most importantly – stealthy operation to avoid detection by cybersecurity tools.
Ransomware continues to be the ultimate business disruptor. This week Colonial Pipeline, a private operator of the largest refined products pipeline in the United States, transporting more than 100 million gallons of fuel daily, announced they were a victim of a ransomware attack by the organization known as “Darkside.” The attack propelled Colonial to take systems offline, halting operations and threatening to cause the price of oil to rise.
