A few years ago, companies were reluctant to adopt cloud computing because they thought a lack of physical access to the network would deprive them of control over their data. A major shift occurred when they understood that, with suitable configuration and security, cloud computing offers serious benefits.
We’ve been writing quite a bit about GDPR (along with most everyone else), and its deadline rolling upon us there will be quite a bit more GDPR coverage to go around. But as the deadline draws closer, we’ve beginning to see some of the potential fallout and unexpected consequences of the regulation. Ridding
Companies still struggle with ransomware, phishing, data breaches and other attacks that bypass their security and affect their budgets. Enterprises know they are in dire need of technology that will safeguard their infrastructures from known, unknown, and undisclosed vulnerabilities.
Ransomware remains the top threat faced by businesses as we move into the second half of 2018. Since the emergence of the first strains of ransomware in 2013, this nefarious trend has unfortunately only kept growing. And the latest such incidents have shown an increased focus on the healthcare sector.
After years of hype, 2018 may finally see the start of the mainstream adoption of software-defined networking (SDN). And with it, network virtualization and software defined data centers (SDDC) could be on the cusp of big breakthroughs. So say the results of the new research from Enterprise Management Associates (EMA).
Security executives fear cyberattacks will heavily target critical infrastructures in the near future, but they don’t seem to be doing much about enforcing security policies that also cover IoT devices. Despite the major threat they pose, connected devices have so far been overlooked in security policies. It appears that in general, in spite of the increasing awareness of high-profile cyberattacks and threats, enterprises tend to look the other way rather than invest properly in a cybersecurity strategy.
What are your plans for 5-7 June 2018 ? If you are a security professional attending Infosecurity Europe in London, we'd be delighted to meet with you, answer your questions and offer our insights into the latest cyber security trends.
The Internet of Things may be mostly a consumer-facing phenomenon, but businesses too have become swayed by the IoT sensation. And, like regular users, they are starting to feel the heat caused by unsecured IoT devices.
Every year, world’s best security blogs get to compete in the European Security Bloggers Awards, an event part of London’s Infosec Europe. This year, we are honored to be among the finalists in two categories, namely The Best Corporate Security Blog and The Best European Corporate Security Blog.
The onset of 2018 has seen European businesses bombarded with cyberattacks, including a staggering 80 million pure fraud attempts. With a 30% increase in cybercrime year-over-year and strict new laws coming into effect this month, digital businesses in Europe – and indeed everywhere – need to make cyber-security a priority now more than ever.
Cloud security has grown into a major issue for enterprises, as only one company in six encrypts all data, according to a Bitdefender survey. While 85% of CISOs fear security flaws in the public cloud, as many as 51 percent of enterprises don’t properly secure their cloud storage services, according to RedLock, leaving their data exposed to hackers.
As we’ve covered in depth here over the past few years, enterprises have moved to cloud in a big way, with the estimated size of the cloud computing market to have been $130 billion globally in 2017. But those organizations who have made the move, especially when it involves sensitive or
As 250,000 new malicious programs and an increasing number of tailor-made threats try to wreak havoc on corporate IT infrastructures each day, the need for qualified information security personnel is higher than ever. Simultaneously, most companies struggle for rapid incident detection and response, with teams that can’t keep up with the sheer number of alerts their EDR solution identifies, and the difficulties in deploying and maintaining the entire endpoint security architecture.
Most companies admit they don't invest enough in application security until after they've suffered a breach, and almost half lack clear visibility into their business-critical apps, according to new data sourced by Ponemon Institute.
We're at less than a month before the EU General Data Protection Regulation (GDPR) regulations go live and global readiness still lags considerably. Companies around the world are in varying states of compliance, with a fair number of organizations out there that still haven't even stepped up to the start line of their GDPR compliance journey.
Some 42 percent of IT security professionals ignore critical security issues, especially if they don’t know how to fix them (16 percent), according to a recent survey of 155 IT professionals by Oyutpost24.
Two weeks from today, companies that process personally identifiable information of EU citizens will feel the heat of the new data protection law that brings the biggest changes in 20 years to the European Economic Area. That law is the General Data Protection Regulation (GDPR), and it’s a big threat to the bottom line of those found non-compliant after May 25. A GDPR benchmark report focused on the financial sector reveals that investment firms are extremely ill-equipped to face GDPR requirements.
The number of reported data breaches dipped in the first quarter of 2018, even as the total of records compromised in the quarter remaining high, at 1.4 billion. Researchers were intrigued by the numbers, but Bitdefender telemetry might hold some clues about the drop, while the looming General Data Protection Regulation (GDPR) is likely also responsible for the swoon.
With the Nutanix NEXT event wrapping up today, we’re happy to finally break the news: our award-winning GravityZone cloud-workload protection platform is now integrated with the Nutanix Prism management solution. In addition to the integration, we’re also announcing the availability of the GravityZone Calm Marketplace blueprint.
The accepted wisdom in the field of cybersecurity is that things are getting worse, and that more businesses are losing control of more data than ever before.
Ransomware attacks have emerged as a key cyber security threat for global organizations, according to the recently released 2018 Data Breach Investigations Report from Verizon.
It’s perhaps one of the most well-known and understood foundations of enterprise security – finding and patching outdated software with software updates. However, a newly released survey from cloud IT services provider ServiceNow, Today’s State of Vulnerability Response: Patch Work Demands Attention, found that there is still much work that must be done within the enterprise to close the window of vulnerability, that time between when an application vulnerability becomes known and it is remedied.
A recent Bitdefender survey of 1,050 chief information security officers found while half the respondents admitted their company was breached in the last year one in six who did so still couldn’t identify how the attack happened.
Update November 2019: One of the most notable cryptojacking attacks of 2019 was based on Microsoft's BlueKeep vulnerability, which was used to deliver cryptomining software to legacy Windows systems starting summer 2019.
This proves that cryptomining is still a preferred payload for attackers who receive immediate financial rewards from each victim they infect without their knowledge.
Do you think automation and AI/machine learning will help your organization close its internal skills gap? A recent study from the Ponemon Institute found otherwise — at least for now. According to the Ponemon Institute study (funded by security vendor DomainTools) also found that the cybersecurity professional skills shortage will increase as automation technologies increase.
The main goal of MSPs is to help businesses grow by ensuring agility, scalability, and security. This means MSPS need to constantly learn and adapt to sophisticated threats, and deliver a full complement of security services and technologies that address individual risks for each company. Consequently, MSPs need to stay on-par with security trends and pay close attention to both threats and cutting-edge technologies that can mitigate them.
Last week's DevOps Connect event at RSA Conference brought together some of the leading minds in the DevOps and AppSec communities to discuss DevSecOps. Given the audience, a lot of the discussions focused on awareness themes for security folks still wrapping their heads around the idea of embedding their people into cross-functional DevOps teams. But each year these DevOps confabs at RSAC, the security audience grows savvier in continuous delivery principles, and the programming is trending more toward the real nuts and bolts of instituting DevSecOps.
