While many had hoped that along with the rise of cloud computing would come a more simple era of enterprise computing. In some ways, it has. With software as a service enterprise no longer have to contend with managing the infrastructure to support so many applications. With infrastructure as a service enterprises can cut the amount of infrastructure they must manage. It’s reduced the amount of infrastructure and applications that must be directly protected, patched, and maintained. But the era of more simple computing never arose.
All about Virtualization and Cloud Security | Recent Articles:
82% of IT Execs Fear Criminals Will Soon Adopt Machine Learning to Create More Advanced Threats
Artificial intelligence and machine learning are extensively used in cyber defense, but what happens if they backfire and hackers use these technologies for crime? As they concentrate on the capabilities and benefits it can bring to everyday lives, companies have not really focused on how cybercriminals can use AI to create even more advanced and sophisticated threats.
The Center for Medicare and Medicaid Services (CMS) announced that it has detected anomalous activity in its Federally Facilitated Exchanges (FFEs) Direct Enrollment pathway for agents and brokers. This is the system that enables agents and brokers to help consumers with their coverage applications to the FFEs. One can imagine the type and quantity of sensitive information shared on these systems.
The more “cyber security ready” a business becomes, the better its overall business outcomes. Unfortunately, many organizations worldwide are not cyber security-ready.
Supermarket Told it Must Compensate 100,000 Workers after Payroll Data Deliberately Leaked by Rogue Employee
Morrisons didn’t know it, but in 2014 it had a huge problem. The UK’s fourth largest supermarket chain, with over 500 stores, had a disgruntled member of staff who had access to sensitive data, such as the payroll information of 100,000 current and former employees.
It was late September when the news broke that the personal data of 1.5 million citizens had been stolen from a government health database in Singapore, SingHealth. While authorities called the attack targeted and well-planned, the evidence coming out points to potential mismanagement of the server as being the likely culprit.
Even though technology budgets have increased, companies are still vulnerable to attacks due to a major cybersecurity workforce gap. For some reason, the gap has widened to a staggering 3 million across North America, Latin America, Asia-Pacific (APAC), and Europe, the Middle East and Africa (EMEA), according to a study by (ISC)2. To reach this conclusion, a number of factors were analyzed, including how many organizations have cybersecurity roles open.
Businesses with a good understanding of the latest cyber-security solutions and data protection laws are reaping the payoff in terms of significant revenue growth, according to a report by Oxford Economics.
Failure to Detect a Breach May Wreak Havoc in Corporate IT Infrastructures, CISOs Say
Failure to detect an advanced cyberattack or a targeted threat as soon as it occurs may lead to full infrastructure compromise, irreversible data loss, and financial repercussions from which some companies may never recover, according to a Bitdefender survey of 1,050 CISOs in the US and Europe.
Anthem Agrees to $16 Million Settlement Following Compromise of 80 Million Health Records
Anthem, the second-largest health insurer in the US, will pay $16 million to the US Department of Health and Human Services, Office for Civil Rights following a data breach that exposed the electronic protected health information (ePHI) of almost 80 million people. Anthem will also initiate a corrective action plan to include thorough risk analysis and regular reporting.
Much like the early days of virtualization, containers got a bum rap when it came to data security. I say this because just like virtualization, securing containers is more about securing what is happening inside, rather than the security of the wrapper.
Artificial Intelligence and Machine Learning: The Most Effective Weapons Against Ransomware
An essential part of an IT department’s mission is to stay atop the latest technological trends. And that includes protecting corporate networks by leveraging the latest security solutions and processes.
Lack of Specialists, Tools, Budget and Knowledge Are the Main Roadblocks for Financial Sector in 2018
The financial services industry has been one of the most targeted in 2018, with third-party risks still the main cause of data breaches in this sector. Almost 50 percent of financial institutions were breached in the past year, found a survey conducted by Bitdefender, while almost 60 percent experienced an advanced persistent attack or seen signs of suspicious behavior in their infrastructure.
Ransomware Might Not be as Prevalent, but Organizations Still Need to Be as Vigilant as Possible in Building Defenses
How big a problem is ransomware for organizations, and is it getting worse? That depends on who’s providing the information about this cyber threat—although experts seem to agree that organizations need to continue taking ransomware seriously.
IDC Numbers Show Security Spending Is Off the Charts, Budgets Appropriately Reflected by Business Size
Security remains a top-of-mind priority for companies in every vertical as they seek to protect themselves from cyber-attacks while meeting stringent new regulatory requirements. International Data Corporation (IDC) projects security will be a $133.7 billion market in 2022.
We’ve been writing for a few years now about the dangers of connected medical devices and how the U.S. F.D.A. has sought to increase the security of these devices. Previously, in St. Jude Takes Steps to Secure Vulnerable Medical Implants we covered the security surrounding St. Jude medical devices. We covered how the FDA Seeks Secure Medical Device Development Lifecycle and the FDA Prescribes Safer Path for Connected Medical Devices.
The US Department of Homeland Security Computer Emergency Readiness Team has just issued a technical alert earlier this week, warning that US companies operating in critical sectors are at risk, as cyberespionage attempts from foreign governments were detected. Key targets include Information Technology (IT), Energy, Healthcare and Public Health, Communications, and Critical Manufacturing. From as early as May 2016, CERT says extensive Advanced Persistent Threat tactics, techniques, and procedures were deployed to infiltrate MSPs (managed service providers) customer networks to steal confidential information and interfere with government and business operations.
The Stakes Are High for Data Breaches – Most Organizations Believe Hackers Can Penetrate Their Network
New data protection laws are cropping up at every pace, as cybercriminals continue to hone their infiltration techniques while the number of data breaches reported by businesses big and small continues to be on the rise.
The annual State of DevOps report is out for 2018 and the study offered up some very strong proof points for the tight relationship between mature DevOps practices and improved security operations.
Half of Businesses Have Yet to Take Control of Password Security; Technology Sector Leads the Pack
An enterprise’s first line of defense, experts agree, is the employee. And the first factor of enterprise authentication is the password. It takes a single untrained pair of eyes to fall for a phishing scam to let hackers into an infrastructure.
The importance of a strong enterprise cybersecurity culture to the overall effectiveness of an IT security department can't be understated. It's consistently named by executives as a crucial, if ephemeral, ingredient for cyber risk management success.
Cyber security executives are always looking for ways to keep a step ahead of the bad actors and the latest threats. Emerging technologies such as machine learning (ML) are providing a way to do that, and some IT and security leaders have begun taking advantage of tools that leverage these automated capabilities.
Cloud Security
Subscribe to Blog Updates
Posts by Categories
- Advanced Persistent Threat (4)
- APT (4)
- artificial intelligence (2)
- biometrics authentication (1)
- botnet (1)
- breach (3)
- bug bounty (1)
- business sabotage (1)
- business security (4)
- BYOD (28)
- CIO (12)
- CIRA 2020 Cybersecurity Report (1)
- CISO (16)
- cloud breach (1)
- cloud misconfiguration (2)
- Cloud Security (120)
- cloud-based apps (1)
- connected care (1)
- container security (1)
- corporate hijacking (3)
- covid-19 (2)
- credit card (3)
- cryptocurrency (7)
- cryptojacking (8)
- cryptomining (4)
- cyber insurance (2)
- Cyber Security Awareness Month (5)
- cyber threats (1)
- cyber-attack (10)
- cybersecurity awareness (26)
- data breach (30)
- data breaches (1)
- Data Protection (75)
- data protection act (3)
- datacenter (3)
- DevOps (10)
- EDR (5)
- Elasticsearch server (1)
- endpoint detection and response (1)
- Endpoint Protection & Management (18)
- Enterprise Security (424)
- Equifax (2)
- Events (4)
- FBI (1)
- financial services (15)
- garter (1)
- GDPR (21)
- General Data Protection Regulation (4)
- government alert (1)
- Healthcare (20)
- honeypot (1)
- HVI (1)
- hyperconverged infrastructure (1)
- hypervisor (15)
- hypervisor introspection (11)
- identity theft (4)
- Industries (33)
- insider threats (14)
- Integration (2)
- IoT (13)
- IoT botnet (2)
- IoT, Policy, security (9)
- IT Compliance & Regulations (32)
- Linux (1)
- Machine Learning (7)
- malware, threats (14)
- managed detection and response (1)
- managed services provider (3)
- memory introspection (12)
- Microsoft (3)
- misconfigured servers (1)
- mobile security (1)
- MSP (3)
- Network Protection (12)
- online sabotage (1)
- phishing (2)
- power grid (4)
- ransomware (9)
- ransomware, HVI (3)
- remote work (7)
- report (1)
- security (2)
- Security as a Service (15)
- Security Threats (61)
- SMB Security (44)
- Software-defined-datacenter (5)
- telecommunications (2)
- unsecure database (1)
- Virtualization & Data Center Security (70)
- vulnerability disclosure policy (1)
- WDATP (1)
- wfh (2)
Latest Tweets
Tweets by @Bitdefender_EntPosts by Month
- January 2021 (6)
- December 2020 (31)
- November 2020 (33)
- October 2020 (39)
- September 2020 (26)
- August 2020 (29)
- July 2020 (34)
- June 2020 (40)
- May 2020 (33)
- April 2020 (31)
- March 2020 (28)
- February 2020 (23)
- January 2020 (26)
- December 2019 (28)
- November 2019 (24)
- October 2019 (28)
- September 2019 (19)
- August 2019 (17)
- July 2019 (23)
- June 2019 (15)
- May 2019 (17)
- April 2019 (20)
- March 2019 (19)
- February 2019 (20)
- January 2019 (19)
- December 2018 (19)
- November 2018 (23)
- October 2018 (22)
- September 2018 (22)
- August 2018 (23)
- July 2018 (24)
- June 2018 (22)
- May 2018 (28)
- April 2018 (23)
- March 2018 (22)
- February 2018 (19)
- January 2018 (19)
- December 2017 (13)
- November 2017 (17)
- October 2017 (19)
- September 2017 (18)
- August 2017 (16)
- July 2017 (17)
- June 2017 (16)
- May 2017 (17)
- April 2017 (15)
- March 2017 (16)
- February 2017 (13)
- January 2017 (14)
- December 2016 (11)
- November 2016 (14)
- October 2016 (11)
- September 2016 (10)
- August 2016 (15)
- July 2016 (12)
- June 2016 (15)
- May 2016 (10)
- April 2016 (13)
- March 2016 (15)
- February 2016 (14)
- January 2016 (6)
- December 2015 (6)
- November 2015 (9)
- October 2015 (8)
- September 2015 (11)
- August 2015 (8)
- July 2015 (10)
- June 2015 (3)
- May 2015 (8)
- April 2015 (6)
- March 2015 (5)
- February 2015 (7)
- January 2015 (8)
- December 2014 (8)
- November 2014 (9)
- October 2014 (8)
- September 2014 (9)
- August 2014 (9)
- July 2014 (8)
- June 2014 (8)
- May 2014 (6)
- April 2014 (8)
- March 2014 (5)