Cyber security for small and mid-sized businesses (SMBs) is a particularly daunting challenge. These companies face many of the same cyber security threats that the largest global enterprises deal with—but often with a fraction of the resources. Aside from the obvious disadvantages smaller organizations face, there are also a number of misconceptions about security that can get in the way of better protection.
Black Hat has grown to be one of the cybersecurity industry’s most well attended and anticipated events. Typically, more than 20,000 attendees converge each year in Las Vegas to learn more about the latest products and technologies, hear from security researchers and keynote speakers, and of course pick up some vendor swag. Due to the pandemic, however, this year looked a little bit different. But different doesn’t necessarily mean it was “bad”; in fact, the Bitdefender team had some interesting takeaways from the show. Read on to learn more
The use of containers to increase speed of deployment and portability for modern applications is growing rapidly. Now part of the standard architecture for cloud-native businesses, Gartner predicts that, by 2025, 85 percent of organizations will run containers in production, up from less than 30 percent in 2020.
Protection requirements for cloud workloads continue to grow as organizations accelerate their adoption of containers and host an ever-increasing number of workloads in hybrid and multi-cloud architectures. Cloud Workload Protection Platforms (CWPP) are critical to protect these workloads from cyberattack and provide security teams with visibility into, and control of, cloud-based infrastructure and applications.
Advanced Persistent Threats (APTs) continue to produce challenges for security teams. The ability to track and mitigate threats, such as StrongPity APT, Lazarus and the elusive Nebulae backdoor , is critical to being resilient against APTs. One of the best ways that security teams can both detect and respond to advanced threats is by using the MITRE framework. Unfortunately, these resources are not always available to security operation centers (SOCs), managed security services providers (MSSPs) or in-house security teams due to budget constraints and available high-level talent.
Come August, the Bitdefender team – along with some 20K security and InfoSec professionals – will descend on Las Vegas for four days of revelry on and about the latest security risks, research, and trends.
Update: July 13, 2021 -- Kaseya issued a critical security update for VSA users that is available on their site - Kaseya Critical Security Update. We recommend users follow Kaseya's recommended updates as soon as possible.
- - - - - - - - - - - - - - -
We continue to monitor and analyze the attack using Kaseya Software to deploy a variant of REvil ransomware into a victim’s environment. The attack targeted Kaseya’s managed service provider (MSP) customers, which often provide IT support to small- to medium-size businesses. By targeting MSPs, attackers also seek to access and infiltrate the MSP’s customers computer networks.
Implementing and managing security is not easy for any organization. We recently had the opportunity to (virtually) sit down with key analysts from IDC including Martha Vazquez, senior research analyst, IDC Security Services, Craig Robinson, program director, IDC Security Services, and Philip Harris, research director, risk, advisory, management and privacy. These analysts are on the front lines of cybersecurity research, advising organizations on security strategy. Our Q&A session covered topics like, “Do organizations still view MDR as just advanced EDR?”, “What are the top priorities for the modern CISO today?” and “What does it mean to be a resilient organization?”
- IT security teams face the challenge of a complex, evolving threat landscape
- Threats are increasing in sophistication and the attack surface is expected to grow
- Security tipping point is determined by gaps in time, skills, efficiency and outcomes
- EDR and MDR represents two viable paths you can take to achieve solid security defenses
This week Bitdefender was named in a press article regarding our decision to release a free decryptor in January 2021 to help those affected by Darkside ransomware. The authors of the article assert that publicly releasing a ransomware decryptor enables malicious actors to modify their methods to evade future decryption, thus increasing the risk of successful future attacks.
We did it! Five of our talented, channel focused ladies including Anamaria Diaconu, Heather Harlos, Paula Enache, Randi Fleming and Samantha Sisk have been honored by CRN in the 2021 Women of the Channel list.
On May 12, 2021, U.S. President Biden signed the highly anticipated Executive Order (EO) on Improving the Nation’s Cybersecurity (and the government issued a fact sheet summary of the contents). U.S. Presidents use Executive Orders (EO) to provide guidance to federal agencies as part of enforcing laws passed by Congress and managing the executive branch of the U.S. Government. This EO is the most detailed ever issued on the topic of cybersecurity in the nation’s history. It has global implications because of the size of the U.S. Federal Government and its purchasing authority for cybersecurity solutions – estimated to be nearly $20 billion annually.
