Hardly a day goes by without a high-profile institution or company announcing that its files have been hacked. Such data breaches can cause financial losses and affect an organization’s reputation for years. A look at high-profile victims like Equifax, Marriot, and British Airways shows they all lacked a clear and complete understanding of their attack surface and the presence of risky endpoints.
High-profile security breaches come every week, creating a guessing game of who will make the headlines next. Recent compromises include Equifax, Marriot, and British Airways, which just received the largest fine in GDPR history for the breach of its customer financial data.
Recent attacks on MSPs have confirmed once again that both managed service providers and customers are increasingly targeted by cybercriminals, and the attacks often succeed.
-solution.jpg)
The increase in cloud adoption has significantly impacted the way organizations think about security, in the sense that threat visibility into infrastructures has become mandatory in light of how the threat landscape has evolved. Starting from the premise that threat actors can and will breach infrastructures, organizations need to begin focusing on detecting and responding to these breaches as swiftly as possible to restore affected environments, ensure business continuity, and stay compliant with new regulations.
The use of machine learning algorithms in the security industry has become a necessity with the rapid growth of malware samples. Obfuscation, polymorphism and encryption have caused a surge in new malware, which now numbers in the hundreds of millions of samples hunting on the internet.
Chief Financial Officers (CFOs) these days have a hard time balancing budgets and acquisitions, especially when it comes to security. While for a CIO or a CSO the decision to invest in security might seem like a no-brainer, CFOs have to evaluate security spending against other business costs. And security is often difficult to distinguish from IT operations if you’re not involved in either.
In 2016, the number of ransomware attacks increased 300 percent from 2015, with over 4,000 attacks detected per day, according to US government statistics. Ransomware is among the worst types of infection, as it not only encrypts network data, but in the end may cost victims all their data – even if they pay the ransom. It should be a priority for all businesses and organizations in 2017.
Despite obvious supply chain differences between organizations in different industries, IT architects should consider their generic similarities when integrating various solutions. Quite often, the complexity of the supply chain depends on the entities working together – manufacturers, logistic providers, repackages, retail stores – meaning that security and infrastructures become complex and cumbersome to manage.
When talking about artificial intelligence, people typically envision a Sci-Fi world where robots dominate. But artificial intelligence is already improving everyday technologies such as ecommerce, surveillance systems and many others.
It seems there’s no shortage of enterprises that fall short when it comes to protecting their information and digital assets. Most of the time you will see this blamed on new attack techniques, advanced forms of custom malware, and the rise in recent years of state-sponsored snoops and criminals. Security professionals have it tough, as their adversaries are always improving their tactics, no doubt. And the technologies their organization uses to boost productivity and provide new services are always advancing in areas such as mobility, cloud, data analytics, and soon the Internet of Things.
One of the hottest topics in IT these days is the Internet of Things (IoT). This is partly hype for sure, but IoT is nevertheless something all IT and security executives should be learning about, if not actually focusing on as a corporate strategy.
The definition of corporate “endpoints” is constantly evolving, and securing those endpoints is becoming increasingly complex for enterprises. As the SANS Institute points out in its March 2016 Endpoint Security Survey, endpoints now include non-traditional computing devices or "things," and IT professionals are becoming aware of the fact that those endpoints require different thinking around security.
