In about two months, two years will have passed since the WannaCry ransomware attack, a large-scale, global security incident that spread through the EternalBlue exploit targeting computers operating on outdated Windows systems. It affected over 300,000 computers that were still using vulnerable software such as Windows Vista and Windows 7, which had already been obsolete for quite a while.
All about Virtualization and Cloud Security | Recent Articles:
The Facebook data breach of 2018, probably the biggest of the year, illustrates better than any other example that no company, big or small, is immune to hackers. One would expect a company of Facebook’s size to sustain top-tier research and development for cybersecurity, but last year’s breaches prove it’s vulnerable anyway.
In 2018, companies struggled to mitigate large-scale attacks and data breaches, but apparently too little action has been taken to improve defenses in 2019. Businesses are trying to be proactive. They have increased cybersecurity budgets and invested in resources, including in qualified IT staff. So why are they, financial services specifically, still falling for social engineering scams and malware attacks? What hampers efforts to safeguard their networks?
Only three months short of its first year anniversary on May 28, it’s time to take a look at EU’s GDPR by numbers. Enforced to protect European users from unethical and illegal commercial practices, the internet privacy law has so far led to three major fines for privacy infringement.
Financial services organizations operate with high volumes of valuable data, making them an attractive target for hackers. They are vulnerable to scams, fraud and banking Trojans, so data security in this sector is critical. IT executives struggle to optimize cybersecurity, as they often deal with low budgets and a lack of skilled workers to implement better security. These are top roadblocks, especially as open banking exposes their data and infrastructure to third-party vulnerabilities.
Not taking security strategy and execution seriously enough to come up with a proper incident response program is a problem that is regularly noticed. Businesses large and small fear customer information, financial data or corporate secrets will fall to the wrong hands in an advanced malware attack. But they keep investing in the wrong projects, work with outdated software, don’t train employees about passwords and phishing to prevent human error and internal attacks, and don’t look into third-party vulnerability protection.
The ‘bring-your-own-device to work’ trend has made traditional security methods appear obsolete. It seems the good old-fashioned password authentication or code received via text on a smartphone can’t cut it anymore. Multi-factor authentication and biometric security appear to be the answer for now for both organizations and consumers.
After 40 percent of UK businesses reported data breaches or security incidents in the past year, the government wants to completely “design out” complex cyber risks and attacks. To achieve this and strengthen national infrastructure and consumer security, officials plan to issue an impressive challenge to enterprises across the UK.
Businesses are struggling to develop cyber resilience to fend off attacks as they seek to create flawless operations and to scale systems. Efficient cybersecurity in an advancing digital economy is no easy goal, as many factors are at play, including third-party risks and increased attack surface, as a result of extensive interest in IoT deployments. This is why corporates and governments need to work together to set up priorities to help enable digital transformation and build trust through proper safeguards on consumer data privacy.
2020 will bring the end of Windows 7, following Microsoft’s announcement that it will no longer offer support and updates for the operating system starting January 14, 2020. But companies appear to have had a good run with it and are not yet ready to say goodbye, a Kollective survey of 1,000 US and UK enterprise IT professionals has found.
The popularity of container technology has grown fast in software engineering, but 60 percent of organizations suffered at least one container-related security incident in 2018, mostly caused by the advancement of DevOps teams, according to Tripwire’s State of Container Security Report. 71 percent anticipate an increase in container security incidents in 2019, most likely raising the costs of hybrid cloud security.
The financial services industry falls victim to cybersecurity attacks 300 times more often than any other. 47.5% of financial institutions were breached in the past year, while 58.5% have experienced an advanced attack or seen signs of suspicious behavior in their infrastructure, according to a Bitdefender white paper.