- Chief Information Security Officers are preparing for an average of 3.3 security compliance standard audits over the next six to 12 months
- Of the CISOs working for software companies, 77% said they were preparing for SOC-2 audits
- Security seniors are worried about their current resources facing upcoming audits and security compliance
All about Virtualization and Cloud Security | Recent Articles:
- Simulated phishing campaign reveals recipients typically open the email 50% of the time, 32% click the malicious attachment or link, and 13% submit sensitive data
- Employees in Quality Management & Health, Purchasing / Administrative Affairs, Legal / Internal Control, Human Resources, and Research & Development have the highest rates opening and interacting with malicious emails
- Phishing attacks are winning because they target fundamental and typical human nature, researchers say
- The adoption of telehealth vendors has significantly expanded healthcare providers' attack surface
- Researchers find a noticeable increase in leaks from primary healthcare and telehealth companies on the dark web since February 2020
- Threat actors use strains of ransomware that are uniquely tailored to take down healthcare IT infrastructures
- Despite new risks from telehealth vendors, the healthcare sector has improved its security posture compared to 2019
- Ransomware retakes the lead (from business email compromise) as the top cyber insurance claim the first half of the year
- Analysts observed a 47% increase in the severity of ransomware attacks, on top of a 100% increase from 2019 to Q1 2020
- Ransomware (41%), funds transfer loss (27%), and business email compromise incidents (19%) were the most frequent types of loss
- 94% of IT pros have experienced a data breach at some point in time
- 79% are worried their current employer could be next
- Employee data breaches most commonly occur through external email services such as Gmail and Outlook
- 88% of data breaches are caused by human error
- Employees between the ages of 18 and 30 are five times more likely to admit to errors that compromised cybersecurity
- IT reps can leverage integrated Risk Management and Analytics to address misconfigurations and vulnerabilities, including human-triggered ones
- 84% of companies say their vulnerability management is efficient
- Researchers find a significant disconnect between perception and reality
- Organizations must update and automate remediation processes
Most companies place a lot of trust in their vulnerability management programs, with 84% of IT leaders rating them as "mature." However, a deeper dive into the state of vulnerability management at various companies reveals a major disconnect between that perception and reality.
- Data storage, remote access and network administration are most prevalent services exposing sensitive data
- Unsafe services are linked to other security issues in the digital supply chain
- Ukraine, Indonesia, Bulgaria, Mexico and Poland are among countries with the highest rate of domestically hosted systems running unsafe services
A third of companies in the digital realm expose unsafe services to the internet and exhibit several other critical security lapses, according to an in-depth study on the prevalence of unsafe network services.
- Most security professionals have difficulty maintaining security configurations in the cloud
- 22% still assess their cloud security posture manually
- Security pros confess they need more automated enforcement
Organizations face shortcomings in monitoring and securing their cloud environments, according to a survey of 310 security professionals.
- Cybercrime will cost more than $11 million per minute globally by 2021
- Organizations spend on average $25 per minute to tackle malicious activity
- Threat intelligence emerges as a key asset in defending the enterprise against cyber threats
The global cost of cybercrime has doubled since 2015. Cybercrime now costs organizations $25 per minute and will have a per-minute global cost of more than $11 million by 2021, according to a new report.
- 50% of businesses find it harder to detect insider threats after migrating to the cloud
- customer data is the most vulnerable to insider attacks
- the average cost of remediation after an insider attack is anywhere between $100,000 and $2 million
Insider threats pose a significant danger to any organization. This danger is exacerbated as the global pandemic forces a shift to cloud applications and remote work. According to a new report, 50% of businesses find it harder to detect insider threats after migrating to the cloud.
The shift to remote work amid the COVID-19 pandemic makes employees more susceptible to BEC attacks and gives threat actors the opportunity to apply tactics likely to be successful given these working conditions, new research shows.