Even though technology budgets have increased, companies are still vulnerable to attacks due to a major cybersecurity workforce gap. For some reason, the gap has widened to a staggering 3 million across North America, Latin America, Asia-Pacific (APAC), and Europe, the Middle East and Africa (EMEA), according to a study by (ISC)2. To reach this conclusion, a number of factors were analyzed, including how many organizations have cybersecurity roles open.
Anthem, the second-largest health insurer in the US, will pay $16 million to the US Department of Health and Human Services, Office for Civil Rights following a data breach that exposed the electronic protected health information (ePHI) of almost 80 million people. Anthem will also initiate a corrective action plan to include thorough risk analysis and regular reporting.
The financial services industry has been one of the most targeted in 2018, with third-party risks still the main cause of data breaches in this sector. Almost 50 percent of financial institutions were breached in the past year, found a survey conducted by Bitdefender, while almost 60 percent experienced an advanced persistent attack or seen signs of suspicious behavior in their infrastructure.
The US Department of Homeland Security Computer Emergency Readiness Team has just issued a technical alert earlier this week, warning that US companies operating in critical sectors are at risk, as cyberespionage attempts from foreign governments were detected. Key targets include Information Technology (IT), Energy, Healthcare and Public Health, Communications, and Critical Manufacturing. From as early as May 2016, CERT says extensive Advanced Persistent Threat tactics, techniques, and procedures were deployed to infiltrate MSPs (managed service providers) customer networks to steal confidential information and interfere with government and business operations.
.jpg)
The healthcare industry is among the top targets of cyberattacks, especially since the internet of things found its way into the industry and completely revolutionized it. After healthcare’s share of ransomware attacks in 2017, and a great deal of data theft, phishing and more ransomware in 2018, cybercriminals gradually switched methods, tapping into the cryptojacking space.
Insider threats are nothing to joke about -- they are a real danger to companies worldwide, who often neglect them. In fact, they rank among the top six threats of 2018, according to statistics. A company will spend at least $8 million yearly on insider threats, the Ponemon Institute has found.
As many as 93 percent of companies in the Forbes Global 2000 list don’t include a vulnerability disclosure policy among top business concerns, according to HackerOne’s The Hacker-Powered Security Report 2018, a deep dive into bug bounty and vulnerability disclosure in the financial services and insurance industries.
Cybercriminals have unwittingly created an impressive, and legal, money-making opportunity – cyber insurance. The cyber insurance market is about to become huge, as experts believe companies will double their spending by 2020 to some 8 billion – 9 billion dollars compared to last year’s average of 3.4 –billion 4 billion, Munich Re, the world’s leading German reinsurance company, recently announced.
.jpg)
Cyberattacks are on the rise, with the most significant malicious activity so far detected in the finance, professional and information sectors, followed by manufacturing, according to Rapid7. Despite the increasing number of data breaches in critical sectors, there are discrepancies in how C-level executives perceive cybersecurity and the threat landscape, depending on their industry and home country.
Many companies have based their business models on collecting facts and statistics from their customers, accumulating big data which they analyze to improve not only customer experience, but also marketing, sales and product strategies. Or so they claim. The popularity of social media and digital operations have made it easier for businesses to gather reams of personal information, including emails, browsing history, habits, location, political beliefs and pretty much any other behavioral detail.
Critical national infrastructures such as the energy sector, public transportation, commercial facilities, government and defense, and medical services, among others, have been under attack in recent years, following a large volume of security vulnerabilities and a lack of encryption.
Enterprises are at risk now more than ever because it seems they keep falling behind on infrastructure security, while hackers are more vigilant and sophisticated in their schemes. Researchers can’t really put their finger on what it is exactly that causes more damage –insider threats, targeted attacks or plain old outdated software, but one thing is certain: by 2023, more than 146 billion records will be leaked following security breaches, according to Juniper Research.
