While many had hoped that along with the rise of cloud computing would come a more simple era of enterprise computing. In some ways, it has. With software as a service enterprise no longer have to contend with managing the infrastructure to support so many applications. With infrastructure as a service enterprises can cut the amount of infrastructure they must manage. It’s reduced the amount of infrastructure and applications that must be directly protected, patched, and maintained. But the era of more simple computing never arose.
Artificial intelligence and machine learning are extensively used in cyber defense, but what happens if they backfire and hackers use these technologies for crime? As they concentrate on the capabilities and benefits it can bring to everyday lives, companies have not really focused on how cybercriminals can use AI to create even more advanced and sophisticated threats.
The Center for Medicare and Medicaid Services (CMS) announced that it has detected anomalous activity in its Federally Facilitated Exchanges (FFEs) Direct Enrollment pathway for agents and brokers. This is the system that enables agents and brokers to help consumers with their coverage applications to the FFEs. One can imagine the type and quantity of sensitive information shared on these systems.
The more “cyber security ready” a business becomes, the better its overall business outcomes. Unfortunately, many organizations worldwide are not cyber security-ready.
Morrisons didn’t know it, but in 2014 it had a huge problem. The UK’s fourth largest supermarket chain, with over 500 stores, had a disgruntled member of staff who had access to sensitive data, such as the payroll information of 100,000 current and former employees.
It was late September when the news broke that the personal data of 1.5 million citizens had been stolen from a government health database in Singapore, SingHealth. While authorities called the attack targeted and well-planned, the evidence coming out points to potential mismanagement of the server as being the likely culprit.
Even though technology budgets have increased, companies are still vulnerable to attacks due to a major cybersecurity workforce gap. For some reason, the gap has widened to a staggering 3 million across North America, Latin America, Asia-Pacific (APAC), and Europe, the Middle East and Africa (EMEA), according to a study by (ISC)2. To reach this conclusion, a number of factors were analyzed, including how many organizations have cybersecurity roles open.
Businesses with a good understanding of the latest cyber-security solutions and data protection laws are reaping the payoff in terms of significant revenue growth, according to a report by Oxford Economics.
Failure to detect an advanced cyberattack or a targeted threat as soon as it occurs may lead to full infrastructure compromise, irreversible data loss, and financial repercussions from which some companies may never recover, according to a Bitdefender survey of 1,050 CISOs in the US and Europe.
Anthem, the second-largest health insurer in the US, will pay $16 million to the US Department of Health and Human Services, Office for Civil Rights following a data breach that exposed the electronic protected health information (ePHI) of almost 80 million people. Anthem will also initiate a corrective action plan to include thorough risk analysis and regular reporting.
Much like the early days of virtualization, containers got a bum rap when it came to data security. I say this because just like virtualization, securing containers is more about securing what is happening inside, rather than the security of the wrapper.
An essential part of an IT department’s mission is to stay atop the latest technological trends. And that includes protecting corporate networks by leveraging the latest security solutions and processes.
The financial services industry has been one of the most targeted in 2018, with third-party risks still the main cause of data breaches in this sector. Almost 50 percent of financial institutions were breached in the past year, found a survey conducted by Bitdefender, while almost 60 percent experienced an advanced persistent attack or seen signs of suspicious behavior in their infrastructure.
How big a problem is ransomware for organizations, and is it getting worse? That depends on who’s providing the information about this cyber threat—although experts seem to agree that organizations need to continue taking ransomware seriously.
Security remains a top-of-mind priority for companies in every vertical as they seek to protect themselves from cyber-attacks while meeting stringent new regulatory requirements. International Data Corporation (IDC) projects security will be a $133.7 billion market in 2022.
We’ve been writing for a few years now about the dangers of connected medical devices and how the U.S. F.D.A. has sought to increase the security of these devices. Previously, in St. Jude Takes Steps to Secure Vulnerable Medical Implants we covered the security surrounding St. Jude medical devices. We covered how the FDA Seeks Secure Medical Device Development Lifecycle and the FDA Prescribes Safer Path for Connected Medical Devices.
The US Department of Homeland Security Computer Emergency Readiness Team has just issued a technical alert earlier this week, warning that US companies operating in critical sectors are at risk, as cyberespionage attempts from foreign governments were detected. Key targets include Information Technology (IT), Energy, Healthcare and Public Health, Communications, and Critical Manufacturing. From as early as May 2016, CERT says extensive Advanced Persistent Threat tactics, techniques, and procedures were deployed to infiltrate MSPs (managed service providers) customer networks to steal confidential information and interfere with government and business operations.
New data protection laws are cropping up at every pace, as cybercriminals continue to hone their infiltration techniques while the number of data breaches reported by businesses big and small continues to be on the rise.
The annual State of DevOps report is out for 2018 and the study offered up some very strong proof points for the tight relationship between mature DevOps practices and improved security operations.
An enterprise’s first line of defense, experts agree, is the employee. And the first factor of enterprise authentication is the password. It takes a single untrained pair of eyes to fall for a phishing scam to let hackers into an infrastructure.
The importance of a strong enterprise cybersecurity culture to the overall effectiveness of an IT security department can't be understated. It's consistently named by executives as a crucial, if ephemeral, ingredient for cyber risk management success.
Cyber security executives are always looking for ways to keep a step ahead of the bad actors and the latest threats. Emerging technologies such as machine learning (ML) are providing a way to do that, and some IT and security leaders have begun taking advantage of tools that leverage these automated capabilities.
