- Only 20% of organizations believe they've reached full DevSecOps maturity
- Nine in 10 DevOps organizations have experienced a security incident in their Kubernetes and cloud environments
- Approximately 60% of developers say they get little to no secure coding training
All about Virtualization and Cloud Security | Recent Articles:
- 65% of IT and security managers say the cybersecurity skills gap has negatively impacted their team's performance
- Cost and lack of time are cited as the biggest impediments for security pros to improve their skills
- Most organizations had declining, stagnant, or non-existent security training budgets
Offensive security measures like penetration testing can help enterprises discover the common vulnerabilities and exploitable weaknesses that could put an them at risk of costly cybersecurity incidents. By pitting white hat hackers against an organization's deployed infrastructure, organizations can gain a better understanding of the flaws they should fix first—namely the ones most likely to be targeted by an everyday criminal.
Even in the COVID era, August can't officially start for the cybersecurity community without Black Hat USA researchers offering up some juicy exploit announcements and dropping useful security tools onto GitHub. This year's event is fully virtual, which means no rockin' Vegas parties—but still plenty of interesting research lined up.
Recent studies show that the modern SOC has evolved to become the lynchpin for most enterprise security strategies. Organizations spend a significant chunk of their security budget on SOC operations and many depend upon the SOC to help them detect and hunt for threats, respond to incidents, and maintain visibility into the organization's cyber risk posture. However, SOC effectiveness still varies greatly from organization to organization.
Enterprises are putting the brakes temporarily on security spending amid the chaos of the global pandemic, but analysts believe that 2020 will still see growth in the market. A new worldwide security and risk management spending forecast released by Gartner this week updated numbers downward, with the firm projecting infosec spending to grow 2.4% this year compared to the more rosy 8.7% it predicted in December 2019. If the stats hold, the security market will hit $123.8 billion by year end.
The CISO role is rapidly evolving as organizations put more responsibility on the plates of their security and risk executives, particularly within large enterprises. In spite of that, a new survey report from security consulting firm Kudelski Security indicates that there is still "no well defined path to becoming a CISO or other senior security leader." The study shows that many organizations are still shooting from the hip when it comes to security succession planning, recruiting security specialists, and grooming senior security leaders with the skills and traits increasingly required by the business to run enterprise-class cybersecurity programs.
The cost of cybersecurity compliance is rising to unsupportable levels and enterprises are going to need to act soon if they are to keep the situation from hindering innovation, according to a new report. Conducted jointly by analyst firm Omdia and security advisory consultancy Coalfire, the study shows that over half of firms across all the major verticals are spending 40% or more of their IT security budgets on compliance today.
When you fail to plan, you plan to fail. And according to a plurality of veteran security experts, far too many organizations today plan to fail at cyber incident response.
Even as internet and cloud solution providers are scrambling to reliably handle increased traffic due to the sudden shifts to distributed workforces in the face of COVID-19, they're also battling strains against their bandwidth from a decidedly less legitimate front. According to several pieces of research out recently, DDoS attackers are turning up the heat in the quarantine era.
A new report out from CyberEdge Group showed that ransomware attacks broke the record books again last year as criminals were carried to more profitable highs by two new prevailing trends. The first trend is that ransom payers are more successfully recovering their data, which leads to the second trend, namely that more organizations are paying off the ransoms when they're attacked.
It's only been a couple weeks since our team at Business Insights predicted that healthcare organizations would still be targeted by cybercriminals amid the COVID-19 outbreak. The prognostications are proving sadly accurate. Pandemic or no, healthcare cyberattacks keep coming—in spite of some cybercriminals' promises to the contrary.