The year 2020 has been a whirlwind of adaptation and change, prompting the phrase “business as usual” to take on a whole new meaning. The Center for Internet Security, Inc. (CIS) has become a leader in supporting both public and private organizations in the COVID era, when many are shifting more of their workforce remote and more of their workloads to the cloud. 2020 also marks a milestone for the Center for Internet Security, as CIS is celebrating its 20th anniversary this month.
NSA’s National Cryptologic Museum (NCM) is thriving and plans to keep growing as it welcomes a new Director. Dr. Vince Houghton, who brings a deep background in intelligence and history, joined the Agency last month after serving as historian and curator of the International Spy Museum in Washington, D.C. Dr. Houghton said he already is impressed with the professionalism of the current staff.
With more commerce occurring online this year, and with the holiday season upon us, the Cybersecurity and Infrastructure Security Agency (CISA) reminds shoppers to remain vigilant. Be especially cautious of fraudulent sites spoofing reputable businesses, unsolicited emails purporting to be from charities, and unencrypted financial transactions.
Content-centric solutions that evaluate each message based on how likely it is to be bad create a gap through which identity-based email attacks can slip. A zero-trust email security model is vital to closing that gap. Zero-trust may also be characterized as zero-assumption.
For organizations experiencing data breaches, the consequences are considerable, especially for security operations. IBM reports that over 25,000 data records are stolen with the average data breach, and costing the targeted company as much as $8.64M per breach in the United States. And it takes on average a staggering 280 days between identifying and containing a data breach (known as the breach cycle). So why is it so hard to fight this digital war, and why is the breach cycle so long?
Stories about cyberattacks and security breaches are popping up more and more frequently in the news and it seems as though no company is immune to the sophisticated strategies hackers use to obtain high value confidential data. These data hacks result in bad PR, lost customer trust, possible fines, and potentially ruined reputations. Needless to say, it should have you questioning whether or not your data is properly protected, and the answer is — it’s probably not.
According to the Information Security Forum (ISF), with growing recognition that security awareness in isolation rarely leads to sustained behavior change, organizations need to proactively develop a robust human-centered security program to reduce the number of security incidents associated with poor security behavior.
Sumo Logic released findings from its fifth annual report. ”The Continuous Intelligence Report: The State of Modern Applications, DevSecOps and the Impact of COVID-19” provides an inside look into the state of the modern application technology stack, including changing trends in cloud and application adoption and usage by customers, and the impact of COVID-19 as an accelerant for digital transformation efforts.
Few cybersecurity components are as familiar as the next-generation firewall (NGFW) for enterprise protection. Despite this ubiquity, it is common for security teams to operate their NGFW in a suboptimal manner. The TAG Cyber team has observed, for example, that many enterprise teams operate their NGFW more like a traditional firewall. This can result in a reduction of traffic visibility, which in turn degrades prevention, detection, and response.
There is an opportunity here for IT teams to stabilize their work-from-home situations while also preparing for the future back in the office, or for many, supporting a hybrid model. Long term solutions are needed for organizational success. There are many steps that can be taken to ensure infrastructure is properly cared for and ready to be used when teams are able to return to the office.