ThycoticCentrify announced new research that reveals more than half of organizations have been grappling with the theft of legitimate, privileged credentials (53%) and insider threat attacks (52%) in the last 12 months. In 85% of the privileged credential theft instances, cybercriminals were able to access critical systems and/or data. In addition, two-thirds (66%) of insider threats led to abuse of administrative privileges to illegitimately access critical systems and/or data.
As a former Marine with expertise in counterintelligence, Human Intelligence (HUMINT) and Technical Surveillance Counter-Measures (TSCM), Jason Passwaters leveraged his international war fighting experience and built uniquely qualified teams at iSIGHT Partners, and then in co-founding Intel 471. His military service taught him to emphasize three areas that can make threat intelligence more targeted and actionable for organizations.
The Department of Homeland Security (DHS) will issue a directive later this week requiring all pipeline companies to report cybersecurity incidents to federal authorities. The directive comes two weeks after Colonial Pipeline, which operates the biggest gasoline conduit to the East Coast, was forced to shut down its 5,500-mile pipeline after a devastating ransomware attack.
In a breach notification letter filed with New Hampshire's Office of the Attorney General, Bose said that in early March 2021, the company "experienced a sophisticated cyber-incident that resulted in the deployment of malware/ransomware across" its "environment."
While authentication and authorization might sound similar, they are two distinct security processes in the identity and access management (IAM) space. Authentication is the security practice of confirming that someone is who they claim to be, while authorization is the process of establishing the rights and privileges of a user. Here, we talk to Tehila Shneider about authorization, authentication, and why authorizations remains a problem that is mostly unsolved.
The FBI identified at least 16 Conti ransomware attacks targeting U.S. healthcare and first responder networks, including law enforcement agencies, emergency medical services, 9-1-1 dispatch centers, and municipalities within the last year. These healthcare and first responder networks are among the more than 400 organizations worldwide victimized by Conti, over 290 of which are located in the U.S.
The increase in cyber insurance adoption and premium prices coincides with a changing — and more challenging — threat landscape, this according to a new GAO report on cyber insurance. The report describes key trends in the current market for cyber insurance, and identified challenges faced by the cyber insurance market and options to address them. To conduct the study, GAO analyzed industry data on cyber insurance policies; reviewed reports on cyber risk and cyber insurance from researchers, think tanks, and the insurance industry; and interviewed Treasury officials.
Nuspire, managed security services provider (MSSP), announced the appointment of industry veteran, J.R. Cunningham, as Chief Security Officer. In this role, Cunningham will oversee Nuspire’s security strategy, oversight of policies and compliance, and the new Nuspire Security Program, which is a step-by-step program designed to help Nuspire’s customers build customizable security programs. Cunningham joins Nuspire with over 25 years of experience, building and maintaining security programs, security strategy consulting, cyber practitioner leadership and creating successful long-term client relationships through strategic consulting. I
Palo Alto Cortex Xpanse research team spent the first three months of 2021 monitoring the activities of attackers to better understand how much of an edge adversaries have in detecting systems that are vulnerable to attack. They followed a benchmark that they call “mean time to inventory” (MTTI), which is simply how long it takes somebody to start scanning for a vulnerability after it’s announced.
Xpanse research found 79% of observed exposures occurred in the cloud.
In the aftermath of the Colonial Pipeline attack, global IT association and learning community ISACA polled more than 1,200 members in the United States and found that 84% of respondents believe ransomware attacks will become more prevalent in the second half of 2021. The Colonial Pipeline attack caused massive disruptions to gasoline distribution in parts of the US this month, resurfacing preparedness for ransomware attacks as a front-burner topic for enterprises around the world. Colonial reportedly authorized a ransom payment of US $4.4 million. In the ISACA survey, four out of five survey respondents say they do not think their organization would pay the ransom if a ransomware attack hit their organization. Only 22% say a critical infrastructure organization should pay the ransom if attacked.