- To fix a problem you first need to know of its existence
- IoT devices are often the target of malware botnets and campaigns
- ISPs need to deal with IoT security from a much broader perspective
All about Virtualization and Cloud Security | Recent Articles:
Most Companies in US and Canada Gather User Data through Third-Party Code without Telling Customers, Survey Finds
- Advertisers usually use gathered data to better target customers
- Most companies allow some sort of user tracking
- The more money companies makes from ad revenue, the laxer the rules governing data gathering
ICO Calls on UK Businesses to Ensure Lawful Flow of Data Under GDPR as Brexit Transition Period Ends
- SMEs must check whether they are impacted before the end of the UK’s transition period with the EU
- Watchdog offers guidance and resources on the actions they may need to take if they use personal data
- Update offers a reminder of what personally identifiable information (PII) is and how it’s classified
- 59% of employed Americans are more concerned about creating a strong password for personal accounts than work accounts
- 70% of remote workers don’t consider it their responsibility to keep their corporate account secure
- Organizations are behind in educating their employees on the risks associated with a compromised corporate account
- Human Risk Analytics enables IT admins to stay afloat of insider threats
Organizations Relied More in 2020 on Crowdsourced Cybersecurity, Report Finds
- Companies need bug bounty platforms now more than ever
- The increase in the number of threats in 2020 pushed companies to secure their products better
- Human error is a main source of cyber risk
Poor Security Habits Might Force Companies to Bring Employees Back to the Office
- 69% admit to using corporate devices for personal use
- 57% say they allow other members of their household to use their corporate devices for schoolwork, gaming and shopping
- 82% admit to reusing passwords
As 2020 is finally and fortunately coming to an end, here at Bitdefender, we’re already exploring what will happen next year and getting our defenses ready. While our crystal ball might not be perfect, here is a shortlist of what we expect in the 2021 cyber-threat landscape:
Most Industries Plan Substantial Investments in IT to Support Remote Workers in 2021
- Organizations don’t want to be caught off-guard again by a COVID-like crisis
- Most industries believe work-from-home is here to stay and are prearing to invest accordingly in security
- Some industries will invest way over 100 percent in their IT departments
Bitdefender Endpoint Detection and Response, The Vaccine You Need for Advanced Threats
- Advanced targeted threats are designed with a defined purpose to infect and remain undetected in a network over a prolonged period
- Endpoint Protection has fundamental limitations as advanced threats easily circumvent traditional defenses by using varied tactics, techniques and procedures (TTPs)
- Bitdefender Endpoint Detection and Response (EDR) provides superior performance, security analytics and incident management capabilities to enjoy a privileged spot amongst competition
Half of Cybersecurity Seniors Have Changed Their Defense Strategies Due to COVID-19
- 23% admitted experiencing a remote attack or disruption since the beginning of the pandemic
- The greatest perceived threats are malware and insider threats
- 29% of security seniors said they have invested in new tools but still feel inadequately protected
61% of IT Security Leaders Say Remote Workers Have Caused a Data Breach This Year
- Employees are 85% more likely today to leak files than pre-COVID
- 59% of IT security leaders say insider threat will increase or ‘significantly’ increase in the next two years
- More than half of organizations have no insider risk response plan
- 40% of organizations don’t assess how effectively their technologies mitigate insider threats
Bitdefender’s Response to FireEye and SolarWinds Breaches and Recommendations for Organizations
The recent breaches making headlines is a stark reminder that no organization is immune to cyberattacks. We firmly stand by FireEye and SolarWinds and commend them for their transparency and rapid response to help minimize impact to those affected. Like us, they fight the good fight.
Half of Businesses Say Remote Work Pays Off, But Security Is Becoming a Major Concern
- Nearly a quarter of organizations worry about security risks introduced by users working from home
- Only 27% reported full or complete visibility into user activity
- Users are mixing personal and corporate use on their work laptops and are more susceptible to phishing attacks at home
How to Choose a Reliable Security Licensing Provider - Seven Steps for Your Integration’s Success
The security landscape, as well as the fast-growing market behind it, can be highly unpredictable. From adaptable threats to surges in demand, there are countless ways your company can be caught off guard. And never was this trend more visible than in the past year, when the increase in remote work prompted an avalanche of cyber threats.
- Demand for digital transformation is driving low code development platforms.
- While line-of-business workers creating software alleviates development team burdens, it can increase risk.
- Enterprises must ensure that they are managing all apps in their portfolio.
While economies were slowed down by the recent health crisis, the same cannot be said about cyber crime. Threat actors used this period as a proving ground, a time to test and perfect their tools. As the ‘’digital continuum’’ became a reality, cyber attacks diversified and exploited new ways of compromising systems.
- Attackers spoof the Microsoft.com domain
- Lookalike websites used to steal credentials
- Microsoft doesn’t implement the DMARC protocol
-
With malware increasingly adopting the “as-a-service” business model, Advanced Persistent Threat (APT) groups that have traditionally been state sponsored, may see tremendous value in using the business model as well.
-
Organizations of all sizes and verticals should consider evaluating and updating their threat models to include APTs, or risk falling victim to data breaches and industrial espionage.
FBI and CISA Roll Out Best Practices to Serve as a Cornerstone of Organizations’ Cybersecurity Strategies
- Feds offer advice on how to build and maintain a strong cybersecurity posture in the face of advanced hacker attacks
- Network best practices should act as a cornerstone of anyone’s cybersecurity strategy, regardless of industry or organization size
- FBI and CISA do not recommend paying ransoms as “payment does not guarantee files will be recovered”
- Advisory also includes a table containing signatures for some of the most common pieces of malware used today
- People are not always the weakest link
- Trickbot was hit, but it’s operators are trying to make a comeback
- ISP’s devices are oftentimes unwilling participants in massive botnet networks
5G Adoption Will Require Hiring Skilled Security Experts, Business Professionals Say
- 4% of professionals currently use 5G and 80.7% plan to adopt 5G in the year ahead
- 30% believe 5G will mandate investing in skilled security professionals needed for implementation, maintenance and operations
- disruption caused by the COVID-19 pandemic had mixed impacts on organizational plans to adopt 5G
Stay Competitive with Minimum Cost – Upgrade Your Offer with Licensed Technology
If the countless cyber attacks from the past months have made anything clear, it’s that threat actors move fast. Extremely fast. Worse yet, even if their targets and goals differ, cyber criminals collaborate. Much like the security world, which pools resources to highlight new threats, the cyber crime world connives to makes those threats more elusive.
- New Infographic breaks down the key attack stages and specific detections revealed by Bitdefender solutions
- Visually summarizes our detailed exposé of a Chinese APT group targeting Southeast Asian governments
- Bitdefender technology detects the malicious payloads and maps the behavior in each attack stage
- Proves the value of Endpoint Detection & Response, Managed Detection & Response and MSP solutions
- 624,000 U.S. security brokers recently targeted by FINRA spoofing attempts
- 50,000 fake login pages spoofing 200 brands tracked by researchers earlier this year
- 61% of Global 2000 firms do not use protections like DMARC authentication
- Too many IoT devices ship from the manufacturer with vulnerabilities and inadequate ways to update devices once they are deployed.
- The U.S. federal government hopes to establish a security standard through the National Institute of Standards and Technology.
- The U.S. federal government hopes it will be able to positively influence the security of IoT devices through its purchasing power
Organizations Adopting Cloud-Native Apps Struggle with Security Issues Stemming from API Sprawl, Survey Shows
- 86% of respondents say their organization is actively using or has started using cloud-native apps today
- due to security and networking issues, only 10% run half or more business apps on Kubernetes and only 12% run a quarter or more based on microservices
- 58% of respondents say the growing volume of APIs in modern cloud-native apps is causing them problems
- respondents cited security as the top challenge resulting from this API sprawl
- DevOps teams with high levels of security integration are more than twice as likely to use self-service security and compliance validation
- Only 25% of orgs with low security integration can remediate security vulnerabilities in one day
- Fewer organizations are taking steps to mitigate cyber security risks compared with a year ago, even though the level of concern about threats has increased during the pandemic, according to a survey of business leaders.
- Nearly one quarter of the respondents said their company had been a victim of a cyber event.
- Cyber security concerns appear to be driven by the impact of the pandemic on businesses’ operations and workforces.
- Enterprises should consider taking certain steps to help reduce risk during a time of ongoing uncertainty and remote workforces.
Cloud Security Is a Primary Concern for Most Companies and Decision Makers, Report Finds
- Data loss is one of the issues most companies fear
- Many organizations continue to implement legacy solutions to secure modern cloud environments
- Privacy is also a challenge for more organizations that deal with private data
- Remote-working has seen wider use of web-based email services
- Hackers have compromised web-based email systems to plant auto-forwarding rules to help them scam businesses
Bitdefender Launches New Dedicated Endpoint Detection and Response (EDR) Product and Some Important GravityZone Enhancements
- Bitdefender Endpoint Detection and Response is our new EDR product that supplements any third-party endpoint security solution
- GravityZone gets a new executive dashboard and an enhanced SIEM connector
- All Bitdefender EDR products now feature custom EDR detection rules capabilities
Cloud Security
Subscribe to Blog Updates
Posts by Categories
- Advanced Persistent Threats (7)
- CISO (20)
- Cloud Security (122)
- Cybersecurity Awareness (28)
- Endpoint Detection and Response (6)
- Endpoint Protection & Management (25)
- Enterprise Security (428)
- Events (4)
- Financial Services (16)
- Healthcare (22)
- IoT Security (24)
- IT Compliance & Regulations (53)
- Machine Learning (9)
- Managed Detection and Response (8)
- Managed Service Providers (19)
- Network Protection (11)
- Privacy and Data Protection (105)
- Ransomware (12)
- Remote Work (5)
- SMB Security (44)
- Telecommunications (2)
- Threat Research (94)
- Virtualization & Data Center Security (81)
Latest Tweets
Tweets by @Bitdefender_EntPosts by Month
- February 2021 (9)
- January 2021 (12)
- December 2020 (31)
- November 2020 (33)
- October 2020 (39)
- September 2020 (26)
- August 2020 (29)
- July 2020 (34)
- June 2020 (40)
- May 2020 (33)
- April 2020 (31)
- March 2020 (28)
- February 2020 (23)
- January 2020 (26)
- December 2019 (28)
- November 2019 (24)
- October 2019 (28)
- September 2019 (19)
- August 2019 (17)
- July 2019 (23)
- June 2019 (15)
- May 2019 (17)
- April 2019 (20)
- March 2019 (19)
- February 2019 (20)
- January 2019 (19)
- December 2018 (19)
- November 2018 (23)
- October 2018 (22)
- September 2018 (22)
- August 2018 (23)
- July 2018 (24)
- June 2018 (22)
- May 2018 (28)
- April 2018 (23)
- March 2018 (22)
- February 2018 (19)
- January 2018 (19)
- December 2017 (13)
- November 2017 (17)
- October 2017 (19)
- September 2017 (18)
- August 2017 (16)
- July 2017 (17)
- June 2017 (16)
- May 2017 (17)
- April 2017 (15)
- March 2017 (16)
- February 2017 (13)
- January 2017 (14)
- December 2016 (11)
- November 2016 (14)
- October 2016 (11)
- September 2016 (10)
- August 2016 (15)
- July 2016 (12)
- June 2016 (15)
- May 2016 (10)
- April 2016 (13)
- March 2016 (15)
- February 2016 (14)
- January 2016 (6)
- December 2015 (6)
- November 2015 (9)
- October 2015 (8)
- September 2015 (11)
- August 2015 (8)
- July 2015 (10)
- June 2015 (3)
- May 2015 (8)
- April 2015 (6)
- March 2015 (5)
- February 2015 (7)
- January 2015 (8)
- December 2014 (8)
- November 2014 (9)
- October 2014 (8)
- September 2014 (9)
- August 2014 (9)
- July 2014 (8)
- June 2014 (8)
- May 2014 (6)
- April 2014 (8)
- March 2014 (5)