ANSSI, the French cybersecurity agency, has reported an intrusion campaign targeting the monitoring software Centreon distributed by the French company CENTREON which resulted in the breach of several French entities. The first victim seems to have been compromised from late 2017. The campaign lasted until 2020.
Kia Motors America has allegedly suffered a ransomware attack by the DoppelPaymer gang. The gang is demanding $20 million for a decryptor and not to leak stolen data, according to news reports.
If the experiences of 2020 taught us anything, it’s that risk in the modern world cannot be understood or sufficiently mitigated with a siloed approach. Individual threats, such as regulatory risk and IT security, converge. Lacking a high-level view, it’s difficult to see the web of cause and effect – making it more difficult to anticipate, prepare, or mitigate the biggest risks. 2020 may be over, but the challenges remain in 2021. Compliance and risk management will need a shared umbrella of information and communication to tackle the complex, integrated risks of today’s landscape.
The acceleration of digitization initiatives was paramount to ensure business continuity during this global crisis. As we rebuild economic stability in 2021, technology – especially automation and security – will play a significant role in positioning enterprises to return to growth.
A combination of factors are likely to keep the world on this path in the near term regarding social unrest. An atmosphere of social unrest has potential consequences at the enterprise level in terms of risk and resiliency and business continuity. Here are five concrete steps security leaders can take to prepare for or reevaluate their existing response plans.
The complexities of corporate security call for truly global visibility and situational awareness. To get there, GSOCs should consider adopting a program of threat intelligence and digital risk protection (DRP) to keep digital assets safe.
Listen to Ian Thornton-Trump, CISO of Cyjax, and his talking partner Tristan de Souza as they ruminate on some of the biggest issues in cybersecurity and geopolitics each and every month in this highly informative and entertaining video podcast. This month's episode looks at whether U.S. President Joe Biden has committed sufficient resources to cybersecurity; discusses ‘the Putin problem’; ponders about phishing in a pandemic; and talks about the GameStop blow-up.
Every week there seems to be a news story about another massive data breach with millions—and sometimes billions—of records containing personal data lost or stolen. We regularly hear about cyberattacks involving brute-forcing secure logins or exploiting software flaws, but there’s a new segment of the cybercriminal economy that’s growing fast: attackers who target companies that have unintentionally left data out in the open via misconfigured databases.
Risk assessment is a key element of any discussion around security and the cloud. Security is measured in terms of how much risk there is of something happening – and nothing is without risk. So, when it comes to evaluating a move to cloud desktops, companies are really looking at how it will reduce risk.
With work from home becoming the norm, employees are likely letting their guards down, allowing people in the same household, whether family or visitors, to have access to work-related content. That is why a good cybersecurity strategy starts with people—and a zero trust approach.
RSS
