Dear reader: if we had the chance, we would definitely name you the Best Corporate Security Blog Reader out there.
An annual study from enterprise software company Micro Focus has shown progress in the security maturity of organizations, but much more work remains. According to the fifth annual State of Security Operations Report 2018, there has been a 10 percent improvement in organization’s ability to meet security-related business goals. According to the study, about 25 percent of organizations assessed meet those goals.
Speed is the critical factor in mitigating the damage of a cyber attack, and will remain so for the foreseeable future. This is according to 74 percent of the C–level information security executives who participated in our brand new Small Gains, Big Wins Study, which looks at the cyber security attitudes of 250 CIOs/ CISOs/ CSOs in UK-based companies with 500+ employees.
Coin Miner Reports Outrank Ransomware by Two Orders of Magnitude, According to Bitdefender Telemetry
Bitdefender telemetry revealed that from September 2017 until February 2018, ransomware reports have followed a descending curve, while coin miner reports have increased by 130 percent by January 2018. Interestingly, cryptojacking is currently one of the fastest spreading cyber threats, already outranking ransomware’s exposure by a factor of 1 to 100 according to Bitdefender’s intelligence, and is recently displaying targeted behavior, by leveraging fileless techniques and exploits to infiltrate organizations and spread laterally.
If you count big digital transformation events among your favorite times of the year, you know by now that no show tackles security better than Citrix Synergy.
Security threats are keeping CISOs awake at night. We have this on good authority: around two thirds (65 percent) of C-level information security executives surveyed admitted to it as part of our brand new Small Gains, Big Wins Study, which looks at the cyber security attitudes of 250 CIOs/ CISOs/ CSOs in UK-based companies with 500+ employees.
You’re not surprised when a purchase of some earrings, a bracelet, or a diamond necklace hurts you in the pocket.
Attributing cyberattacks and advanced malware to a particular country or entity is usually troublesome. Forensic artefacts can sometimes be planted or forged to point to a specific country or cybercriminal group.
The individuals charged with running an organisation are actually the most likely to expose it to a major cyber attack, according to information security executives.
Over the past few years, considerable attention has been given to the cybersecurity skills gap. In the post Enterprises Continue to Grapple with a Huge Cyber Security Skills Shortage we covered how the global cyber security workforce shortage is on pace to hit 1.8 million by 2022, a 20 percent increase since 2015, according to the Global Information Security Workforce Study. That study found 68 percent of workers in North America think the workforce gap is due to a lack of qualified personnel.
Organizations already facing a tough time finding cybersecurity talent may find additional cybersecurity headwinds this year as the vast majority (84 percent) of cybersecurity workers say they are on the lookout for new job opportunities.
Ever since the first data breach notification law went into effect July 1, 2003 in California (SB 1386), there has been controversy surrounding what types of data being exposed should trigger data breach notifications, who should be notified, and how quickly they should be notified. In fact, it’s become somewhat of a mess.
Everyone in IT knows how much the cloud is becoming a central and strategic component of the modern technology infrastructure at many enterprises. Perhaps less well known is the fact that a lot of organizations have pulled workloads back from the cloud—in part because of concerns about data management and security.
As enterprises bridge their adoption patterns for public cloud from isolated pilot projects to fully scaled environments, they're going to need to get serious about adjusting their cybersecurity strategy and architecture to accordingly. According to the thinkers at McKinsey & Company, that sea change needs to start now. In a new report out last month by the consulting firm, enterprises are finally doubling down on their public cloud experiments over the last decade. And that means an impending cascade of public cloud usage in critical infrastructure that previously remained entrenched in the on-prem world.
Ransomware, the prolific malware that locks down computer files until the victim pays to regain access, remains the fastest-growing cyber threat, targeting users from the regular Joe to entire corporate networks.
The U.S. Securities and Exchange Commission (SEC) put public companies on warning that they need to get better about how and when they disclose not just breaches but material cyber risks to investors. The instructions were part of an updated guidance on breach disclosure from the SEC meant to protect investors and bring greater clarity to what the regulatory board expects from public companies when it comes to how they handle information security transparency.
Artificial intelligence (AI) is capturing the imagination of business and technology leaders in virtually every industry. The promise of technology solutions based on AI is certainly compelling, with potential benefits including greater efficiency, reduced errors, cost savings, enhanced customer services, etc.
An increase in cyber threats and a failure to learn from past incidents place the security of data, infrastructure and assets at risk, according to a new threat landscape report.
The global software defined data center (SDDC) market is estimated to reach US$90.416 billion by 2022, from US$36.517 billion in 2017, meaning that companies will continue on the path of software defined everything. While the immediate benefits of SDDCs revolve around less CapEx, OpEx, centralized management, and the deployment of cloud in a box, organizations need to prepare for challenges facing when adhering to SDDCs.
Following a unanimous warning from the intelligence community about growing cyber threats, cybersecurity professionals agree that a catastrophic data breach to their organization is inevitable. Worse still, most IT execs fear the world could be on the brink of cyber warfare.
Now is not the time to dilly-dally. If you haven’t already properly secured the Amazon Web Services S3 servers (known as “buckets”) storing your sensitive data in the cloud then your business has no time to lose.
