The year 2020 has been a whirlwind of adaptation and change, prompting the phrase “business as usual” to take on a whole new meaning. The Center for Internet Security, Inc. (CIS) has become a leader in supporting both public and private organizations in the COVID era, when many are shifting more of their workforce remote and more of their workloads to the cloud. 2020 also marks a milestone for the Center for Internet Security, as CIS is celebrating its 20th anniversary this month.
The risk level to the global workforce has reached its highest since 2016 according to the findings of the International SOS Risk Outlook 2021. Unsurprisingly, around eight in 190 risk professionals believe the health and security risks faced by the workforce increased in 2020 (specifically for “domestic employees” (85%), “assignees” (81%), “student and faculty” (80%), “business travelers” (79%) and “remote workers” (77%)). Around half believe that this will increase further in 2021.
For organizations experiencing data breaches, the consequences are considerable, especially for security operations. IBM reports that over 25,000 data records are stolen with the average data breach, and costing the targeted company as much as $8.64M per breach in the United States. And it takes on average a staggering 280 days between identifying and containing a data breach (known as the breach cycle). So why is it so hard to fight this digital war, and why is the breach cycle so long?
Stories about cyberattacks and security breaches are popping up more and more frequently in the news and it seems as though no company is immune to the sophisticated strategies hackers use to obtain high value confidential data. These data hacks result in bad PR, lost customer trust, possible fines, and potentially ruined reputations. Needless to say, it should have you questioning whether or not your data is properly protected, and the answer is — it’s probably not.
Among the top threats to businesses are theft of property, theft of data and workplace violence. When it comes to preventing these commonplace scenarios, a fence can be the first step to designing an effective access control program. By starting at the perimeter, entities can create a physical barrier that deters infiltration and denies entry. So, what kind of fencing offers an uncompromising solution? An astute option is a fence classified as high-security. Several factors determine whether a fence is considered high-security, including the material it’s made from, how it’s constructed and the features that the construction enables.
The bottom line: The pandemic and other issues have put security weaknesses and new requirements into sharp relief. Travel limitations and other obstacles are hampering efforts to address these. To adapt and reopen, security managers have heightened expectations of their integrators to be more informed, transparent, and digitally advanced.
According to the Information Security Forum (ISF), with growing recognition that security awareness in isolation rarely leads to sustained behavior change, organizations need to proactively develop a robust human-centered security program to reduce the number of security incidents associated with poor security behavior.
ICAO issued a bulletin announcing its new Testing and Cross-border Risk Management Measures Manual (Doc 10152), developed by the members of the dedicated CAPSCA group it established in 2009 for the prevention and management of public health events in civil aviation.
Tim Wiseman, the University of Wyoming’s chief risk officer, has been elected to the University Risk Management and Insurance Association (URMIA) Board of Directors. Wiseman is one of two new board members selected for a three-year term.
Few cybersecurity components are as familiar as the next-generation firewall (NGFW) for enterprise protection. Despite this ubiquity, it is common for security teams to operate their NGFW in a suboptimal manner. The TAG Cyber team has observed, for example, that many enterprise teams operate their NGFW more like a traditional firewall. This can result in a reduction of traffic visibility, which in turn degrades prevention, detection, and response.
