Cybersecurity teams struggle with a lack of visibility into threats, endpoint devices, access privileges, and other essential security controls necessary for a robust cybersecurity posture. Without full visibility into their entire digital ecosystem, infosec teams cannot fully secure the assets on their networks or effectively prioritize the most serious threats. Below, I dive into how security professionals are still fighting the battle between effectively viewing serious threats and communicating cyber risk to company leadership.
The ongoing COVID-19 pandemic has taken work out of the office and into the home for most people. This means workers are using their home networks and personal devices to connect to the office more than ever before. This shift in work patterns brings with it new network connectivity and security challenges for IT teams to tackle.
A CEO will last 8.4 years in the position, while a CFO clocks in at 6.2 years in average length of tenure. But a look around the boardroom will tell you that longevity isn’t in the cards for overworked, overwhelmed CISOs, with most only spending an average of two years in the role before calling it quits. This trend is no coincidence - CISOs are at the top of the list for burnt out, especially this year, as organizations accelerated digital transformation nearly overnight and employees continue to work remotely.
As we head into the final day before the 2020 election, disinformation on social media continues to make headlines as a means to sway public opinion and to discourage people from voting. For example, swing states have been targeted with evolving disinformation tactics in an attempt to influence what happens in the voting booth, while Black and Latino voters have been flooded with messages aimed to depress turnout by fueling cynicism and distrust in the political process.
Cybercriminals are taking notice of the seemingly endless vulnerabilities schools face. Take the explosive ransomware attack on the University of Utah from earlier this summer, or the malware attack on the Rialto school district in California, for example. Even with a rapidly increasing attack surface, schools aren’t exactly able to drain their already-limited funding on transforming their IT infrastructure in the midst of a global pandemic. However, it is possible for schools to reduce risk by understanding where they are most vulnerable, taking the time to educate teachers, parents and students, and adopting certain tools and strategies to prevent targeted attacks on remote learning networks.
It’s the season of ghouls, ghosts and outrageous costumes. But for CISOs and cybersecurity professionals, a bump in the night on Halloween is more likely to be a notification warning them of data breach than a spooky ghostly visitation. In the COVID-19 era, spookiness-as-a-service providers who rent out costumes or sell party products are likely to have a difficult time as lockdowns and home-working play havoc with businesses focused on in-person interaction. Yet for hackers, the dawn of a socially-distanced new normal has opened up vast numbers of attack vectors and given them new opportunities to target businesses or individuals. So what should you be worried about this Halloween? To help you work out the answer to that question, here are some of the scariest cybersecurity stories and trends of 2020:
Rigorous training as to how hackers are able to get into systems and access sensitive data and how to defend against an onslaught of cyberattacks has given rise to a specific type of training and competition for cybersecurity professionals: Capture the Flag (CTF).
To find out more about these competitions, we talk to Dr. David Brumley, CEO of ForAllSecure, Inc. and Professor of Electrical and Computer Engineering and Computer Science at Carnegie Mellon University.
Healthcare providers remain firmly focused on dealing with the global pandemic, juggling the often-conflicting demands of providing care while keeping patients and staff safe. The financial impact of the pandemic has left many providers on the brink of bankruptcy amid falling patient visits deferred elective surgeries, and insufficient government aid to “fill the gap.”