Organizations mostly monitor what they already know about, leaving unknown assets unprotected and open to attackers
December 4, 2020
CyCognito announced new research in partnership with Enterprise Strategy Group (ESG) that revealed most security professionals recognize that attack surface protection is important, but their operational practices and tools used aren’t up to the challenge.
A new partnership aims to help healthcare IT vendors and services firms improve their overall risk and security profile and provide greater transparency to thousands of healthcare providers. As part of the partnership, KLAS, which has conducted deep research and analysis on more than 900 healthcare IT products and services, will introduce a new Cybersecurity Readiness Assessment.
Iranian cyber threat actors have been continuously improving their offensive cyber capabilities. They continue to engage in more conventional offensive cyber activities ranging from website defacement, distributed denial of service (DDoS) attacks, and theft of personally identifiable information (PII), to more advanced activities—including social media-driven influence operations, destructive malware, and, potentially, cyber-enabled kinetic attacks, warns the Cybersecurity and Infrastructure Security Agency (CISA).
Healthcare is a vitally important industry, especially today. Sadly, healthcare organizations are frequently the targets of cyberattacks. This is especially important today because many of these attacks impede the ability of the organizations to offer care to their patients. The most severe attacks can even cause life-threatening situations.
One lesson that is underscored by the disruption of COVID and the resulting transformation of business operations is the importance of IT modernization. Here, we know that business leaders understand its significance, but we also see evidence that failing to embed security into the strategies and plans for IT modernization may be a difference-maker.
A cold reality in today’s enterprise is that ransomware is looming and threatening organizations constantly – like a lion behind the tall grass waiting patiently for its prey. It has unequivocally become the biggest threat to an enterprise alongside malware and phishing, even more so than a natural disaster or hardware failure, or a zero-day attack.
Recent data from Risk Based Security revealed that the number of records exposed has increased to a staggering 36 billion in 2020. There were 2,935 publicly reported breaches in the first three quarters of 2020, with the three months of Q3 adding an additional 8.3 billion records to what was already the “worst year on record.” Here, we bring you our list of the top 10 data breaches of 2020.
Ransomware penetrates an organization’s IT infrastructure through phishing emails or endpoint vulnerabilities and then encrypts files, holding data hostage until a fee is paid to decrypt them. The FBI has deemed ransomware the fastest growing malware threat, causing significant revenue loss, business downtime and reputational damage. It’s critical organizations protect their data by following the best practices.
Distributed denial of service (DDoS) attacks are more than an inconvenience; they paralyze operations and cause significant direct and indirect costs to those affected. Over 23,000 DDoS attacks are recorded per day, leaving companies to deal with disrupted online services. Recently, New Zealand’s Stock Exchange (NZX) was hit by a large DDoS attack for four consecutive days which led to a stock market closure that barred many from trading.
The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) will be releasing a document that provides a roadmap to threat mitigation of Position, Navigation, and Timing (PNT) services, a national critical function powering many of the critical infrastructure sectors that enable modern society. The conformance framework was developed with input from industry stakeholders and will help critical infrastructure owners and operators make risk-informed decisions when deciding what PNT equipment to deploy. It provides distinct levels of resilience so end users can choose equipment that’s appropriate for their needs, based on criticality and risk tolerance.
RSS
