A new report published by KnowBe4 delves into the top security challenges and issues that IT professionals and UK-based organizations face, including attack types, security initiatives and organizational limits.
All about Virtualization and Cloud Security | Recent Articles:
Security Professionals Say COVID-19 Crisis Increased Cyber Threat to Enterprise Systems
A survey of some of the top IT security professionals who participated in the annual Black Hat USA conference underlined a key concern, with companies overwhelmingly believing that the COVID-19 pandemic increases cyberthreats.
Enterprises Bring Security Bad Habits Along With Their Digital Transformation Efforts
As enterprises continue with their digital transformations by automating their manual workflows, moving existing applications to the cloud, and developing and deploying new applications at a record pace, they’re also rapidly increasing the complexity in their environments, and as a result security controls and processes that should be in place continue to slip.
World Economic Forum Outlines Core Principles for Businesses Seeking to Reduce Cyber Risk
An optimistic new report by the World Economic Forum predicts businesses will prioritize security in a bid to ensure longer-term success. The reason? A rapid increase in cyberattacks and pressures escalating from changes prompted by COVID-19.
The Internet of Things (IoT) ecosystems may be populated by all the latest and innovative devices, but it's also home to legacy devices, which in many cases, are points of entry for adept hackers looking for a way into the infrastructure.
IT Departments May Be Helping Bad Actors with New Apps for Untrained Staff, New Research Shows
Rapid changes to how businesses operate offer excellent opportunities for malicious actors to access corporate networks. Infosec professionals report that phishing and whaling attacks taking advantage of unwary employees have risen during the pandemic. At the same time, IT departments are deploying new technologies to support remote work without consulting those on the receiving end, potentially fueling bad actors’ malicious campaigns against businesses.
SOC Teams Care Too Much About Detecting Cyberthreats and Not Enough About MTTD
The self-assessed effectiveness of corporate security operations centers (SOCs) seems to be overestimated by the people working in those positions, a new study from Exabeam revealed.
Half of U.S. Businesses Have Yet to Mandate New Security Policies for Remote Workers
Before the COVID-19 pandemic, more than 80% of Americans had worked from home either rarely or not at all. Now, more than half are doing so, with no new security policies to help guide them, according to an IBM survey conducted by Morning Consult.
Most Employees Overestimate their Ability to Work Safely from Home, Study Finds
Most people are confident they can keep personal identifiable information (PII) secure while working from home. That comes in stark contrast with the fact that more than 50% use their laptops for work, according to a study from IBM Security and Morning Consult.
Last year, one in six businesses met ransom demands of cybercriminals, according to the most recent Hiscox Cyber Readiness Report.
We get so deluged with news stories about data breaches that it’s easy to lose sight of the forest for the trees. Consider, according to a newly released report from ForgeRock, the ForgeRock Consumer Identity Breach Report, which found that more than 5 billion records were exposed last year. That’s a lot of information on a lot of information pertaining to a lot of people.
Most small and medium enterprises (SMEs) are planning to increase their cyber-insurance spending in the next couple of years, according to a new industry report.
Enterprises are putting the brakes temporarily on security spending amid the chaos of the global pandemic, but analysts believe that 2020 will still see growth in the market. A new worldwide security and risk management spending forecast released by Gartner this week updated numbers downward, with the firm projecting infosec spending to grow 2.4% this year compared to the more rosy 8.7% it predicted in December 2019. If the stats hold, the security market will hit $123.8 billion by year end.
Enterprise digital transformations are making the jobs of enterprise security teams to properly manage and secure their environments even more challenging. After all, as digital transformations have rapidly increased the complexity of environments as technology teams strain to maintain existing systems, deploy new cloud services, manage IoT devices, and constantly develop and deploy more applications.
Since the very beginnings of the novel coronavirus (COVID-19) pandemic, businesses of all sizes have struggled to adjust to the new occupational normal. IT teams have not been immune to the disruption. Neither have information security teams for that matter. While employment in the IT sector remains much more resilient than other segments of the economy, employment in the IT sector still declined by about 1% last month, even as businesses compete for technical talent and continue digital transformations.
Most Forbes Global 2000 organizations don’t have even basic domain security in place, leaving them open to attacks with potentially devastating consequences, according to a report from Digital Brand Services (DBS).
The Cybersecurity Skills Gap Continues, with SOCs Lacking as Many as 10 Key Employees in 2020
The vast majority of security operations centers (SOCs) are confident in their ability to counter cyber threats, yet few of their frontline workers can aptly track mean time to detection, while organizations still struggle with SOC staff shortages, new research shows.
Passwords are a huge hassle. We all must use them, and generally hate doing so. There’s no way to sugarcoat it. The typical user has hundreds of username and password combinations that they must remember and manage. We all forget and must reset passwords regularly. And, over time, many of these accounts, along with the associated passwords, will be abandoned. And over time, they will be compromised. Because so many people reuse their passwords, those credentials will lead to data breaches.
Customers will avoid businesses that compromise users’ data during the COVID-19 pandemic because of poor security practices, new research from PCI Pal has found.
Security has been a huge concern for both businesses and individuals as many employees continue to work from home, with many woefully under prepared for the impact that COVID-19 has had. In fact, new research by Bitdefender found half of infosec professionals (50%) didn’t have a contingency plan in place for COVID-19 or a similar scenario. These findings, and more, are revealed today in the first instalment of Bitdefender’s yet to be released global 10 in 10 Study. The section — The Indelible Impact of COVID-19 on Cybersecurity — details the pressures faced by infosec professionals during COVID-19.
Bad Actors Target Unsecure Databases An Average of 18 Times Per Day, New Research Shows
Many companies accidentally leave their databases exposed on the web, and data breaches or security incidents occur daily. Unsecured and misconfigured servers often lead to data leaks that can become logistical and legal nightmares for companies, leaving the privacy and security of customers or company assets at risk.
Credit-Card Skimming Malware Hit Websites As Coronavirus Lockdown Forced Retailers to Close High Street Stores
On March 20th, the Claire's accessories retail chain beloved by young girls around the world made the sensible decision to close all of its physical stores in response to the Coronavirus Covid-19 pandemic.
- Managed detection and response programs vary widely so carefully evaluate service provider competencies
- Beware of buzzwords in MDR vendor claims that provide little insight into their true service capabilities
- Focus your MDR goals on achieving superior security outcomes, not just on managing the flow of alerts
- Effective MDR integrates people, processes, and technology to provide wide coverage at an affordable cost
Even though the number of DDoS attacks decreased over 2019, their complexity and size increased significantly, according to new research from the National Scrubbing Center against DDoS attacks.
- Linux Server security historically pales in comparison to what has long been available for Windows Servers
- Transient containers frequently run the most sensitive business workloads yet are blind to security teams
- Security often breaks when upgrading server OS or changing multi-distro Linux configurations
- Server Security for Linux and Containers Beta Evaluation Program enrolling now
A new vulnerability named 'CallStranger' is making the rounds in the IoT world, illustrating the dire security issues that users confront every day. The vulnerability is also a perfect example of why dedicated IoT security measures are needed to cover the gaps left by manufacturers.
Frost & Sullivan: Advanced Cyber Threats Drive Increased Demand for Managed Detection and Response (MDR) Solutions
The increasing number of sophisticated cyber threats is set to increase demand for Managed Detection and Response (MDR) solutions from the business sector, according to a new forecast by Frost & Sullivan.
SMBs Overwhelmingly Believe They Are Ready to Deal with Cybersecurity Incidents
Most small and medium-sized businesses (SMBs) believe they are prepared for a cyberattack or any informatic disaster, but few are actually ready to deal with the aftermath of such an incident, according to new research published by Infrascale.
Clients Often Hold CEOs Personally Responsible for Ransomware Attacks, Research Shows
The general public is becoming increasingly well-educated about cyber-attacks and ransomware in particular – so much so that consumers are becoming unforgiving of businesses that don't take security seriously. And when they look for someone to blame, they often point the finger at the highest ranks in the organization.
Cyber security teams are continuing to struggle with hiring and retention issues, and they have not achieved significant improvement in these areas over the past year, according to a global study released earlier this year by technology professional association ISACA.
Vast Majority of Australian Companies Believe Their Cybersecurity Is Failing
Australian companies don’t trust their current cybersecurity solution and overwhelmingly think their investments in this critical business are failing, according to a new survey of executives in all major industries.
Organizations around the world consider innovation to be a top business priority and they are captivated by the potential of emerging technologies. At the same time, however, they’re concerned about their cyber security readiness and the struggle to hire enough workers who have the right skills to meet the organization’s needs.
Most IoT devices have vulnerabilities that leave them open to DDoS attacks, according to Bitdefender's telemetry. There's no easy fix to such a complex problem, but there are clever ways to prevent smart devices from serving the malicious intents of criminals.
The CISO role is rapidly evolving as organizations put more responsibility on the plates of their security and risk executives, particularly within large enterprises. In spite of that, a new survey report from security consulting firm Kudelski Security indicates that there is still "no well defined path to becoming a CISO or other senior security leader." The study shows that many organizations are still shooting from the hip when it comes to security succession planning, recruiting security specialists, and grooming senior security leaders with the skills and traits increasingly required by the business to run enterprise-class cybersecurity programs.
Eight in 10 companies across the United States have experienced a data breach made possible by cloud misconfigurations, according to new research by IDC.
The latest report from the White House's Office of Management and Budget (OMB) shows that the number of cybersecurity incidents dropped in 2019, partly due to better security programs and increased investments.
Half of Enterprises Have No Dedicated Staff, Processes or Policies for IoT Security
Global enterprises report greater efficiency and productivity, better product/service quality, and improved customer retention and experience, all thanks to recent deployments of Internet of Things (IoT) solutions. But business leaders are also concerned about their next steps. As IoT deployments greatly expand the attack surface for cybercriminals, half of businesses banking on IoT are doing so unprepared to combat cyber risks associated with these purchases.
The term “cyberattack” brings to mind malware, social engineering, network vulnerabilities or unpatched endpoints. But how do malicious actors manage to unleash their attack kill-chain in the first place? What is it that opens the gates to exploiting a weakness and breaching the infrastructure? With human error behind most successful attacks, perhaps we should look not beyond these culprits, but behind them.
The cost of cybersecurity compliance is rising to unsupportable levels and enterprises are going to need to act soon if they are to keep the situation from hindering innovation, according to a new report. Conducted jointly by analyst firm Omdia and security advisory consultancy Coalfire, the study shows that over half of firms across all the major verticals are spending 40% or more of their IT security budgets on compliance today.
Cloud Security
Subscribe to Blog Updates
Posts by Categories
- Advanced Persistent Threat (4)
- APT (4)
- artificial intelligence (2)
- biometrics authentication (1)
- botnet (1)
- breach (3)
- bug bounty (1)
- business sabotage (1)
- business security (4)
- BYOD (28)
- CIO (12)
- CIRA 2020 Cybersecurity Report (1)
- CISO (16)
- cloud breach (1)
- cloud misconfiguration (2)
- Cloud Security (120)
- cloud-based apps (1)
- connected care (1)
- container security (1)
- corporate hijacking (3)
- covid-19 (2)
- credit card (3)
- cryptocurrency (7)
- cryptojacking (8)
- cryptomining (4)
- cyber insurance (2)
- Cyber Security Awareness Month (5)
- cyber threats (1)
- cyber-attack (10)
- cybersecurity awareness (26)
- data breach (30)
- data breaches (1)
- Data Protection (75)
- data protection act (3)
- datacenter (3)
- DevOps (10)
- EDR (5)
- Elasticsearch server (1)
- endpoint detection and response (1)
- Endpoint Protection & Management (18)
- Enterprise Security (424)
- Equifax (2)
- Events (4)
- FBI (1)
- financial services (15)
- garter (1)
- GDPR (21)
- General Data Protection Regulation (4)
- government alert (1)
- Healthcare (20)
- honeypot (1)
- HVI (1)
- hyperconverged infrastructure (1)
- hypervisor (15)
- hypervisor introspection (11)
- identity theft (4)
- Industries (33)
- insider threats (14)
- Integration (2)
- IoT (13)
- IoT botnet (2)
- IoT, Policy, security (9)
- IT Compliance & Regulations (32)
- Linux (1)
- Machine Learning (7)
- malware, threats (14)
- managed detection and response (1)
- managed services provider (3)
- memory introspection (12)
- Microsoft (3)
- misconfigured servers (1)
- mobile security (1)
- MSP (3)
- Network Protection (12)
- online sabotage (1)
- phishing (2)
- power grid (4)
- ransomware (9)
- ransomware, HVI (3)
- remote work (7)
- report (1)
- security (2)
- Security as a Service (15)
- Security Threats (61)
- SMB Security (44)
- Software-defined-datacenter (5)
- telecommunications (2)
- unsecure database (1)
- Virtualization & Data Center Security (70)
- vulnerability disclosure policy (1)
- WDATP (1)
- wfh (2)
Latest Tweets
Tweets by @Bitdefender_EntPosts by Month
- January 2021 (6)
- December 2020 (31)
- November 2020 (33)
- October 2020 (39)
- September 2020 (26)
- August 2020 (29)
- July 2020 (34)
- June 2020 (40)
- May 2020 (33)
- April 2020 (31)
- March 2020 (28)
- February 2020 (23)
- January 2020 (26)
- December 2019 (28)
- November 2019 (24)
- October 2019 (28)
- September 2019 (19)
- August 2019 (17)
- July 2019 (23)
- June 2019 (15)
- May 2019 (17)
- April 2019 (20)
- March 2019 (19)
- February 2019 (20)
- January 2019 (19)
- December 2018 (19)
- November 2018 (23)
- October 2018 (22)
- September 2018 (22)
- August 2018 (23)
- July 2018 (24)
- June 2018 (22)
- May 2018 (28)
- April 2018 (23)
- March 2018 (22)
- February 2018 (19)
- January 2018 (19)
- December 2017 (13)
- November 2017 (17)
- October 2017 (19)
- September 2017 (18)
- August 2017 (16)
- July 2017 (17)
- June 2017 (16)
- May 2017 (17)
- April 2017 (15)
- March 2017 (16)
- February 2017 (13)
- January 2017 (14)
- December 2016 (11)
- November 2016 (14)
- October 2016 (11)
- September 2016 (10)
- August 2016 (15)
- July 2016 (12)
- June 2016 (15)
- May 2016 (10)
- April 2016 (13)
- March 2016 (15)
- February 2016 (14)
- January 2016 (6)
- December 2015 (6)
- November 2015 (9)
- October 2015 (8)
- September 2015 (11)
- August 2015 (8)
- July 2015 (10)
- June 2015 (3)
- May 2015 (8)
- April 2015 (6)
- March 2015 (5)
- February 2015 (7)
- January 2015 (8)
- December 2014 (8)
- November 2014 (9)
- October 2014 (8)
- September 2014 (9)
- August 2014 (9)
- July 2014 (8)
- June 2014 (8)
- May 2014 (6)
- April 2014 (8)
- March 2014 (5)