nVisium released the findings of their recent research which explores the current state of cybersecurity awareness and security training initiatives within today’s remote workforce. The research reveals that only 35% of respondents classify security awareness training as a ‘top priority’ while working remotely, and nearly half say that their DevOps teams are not experts in understanding how to protect at home wireless networks.
The New York Attorney General’s Office (NYAG) reached a Consent and Stipulation Agreement with Dunkin’ Brands, Inc. (Dunkin), which obligates the company to implement and maintain a comprehensive information security program to protect customers’ private information. The terms of the consent agreement are similar to the terms New York reached with Zoom earlier this year regarding inadequate data security practices, and strongly resemble the reasonable security measures described in the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act).
Specops Software discovered that 41% of employees had not been provided with adequate cybersecurity training while working from home, and they were keen to discover which sectors were experiencing the most threats during this time. They found that 54% of businesses across 11 sectors have seen a rise in cybercrime threats since working from home, with phishing being the most prevalent attack.
Though nearly half of cyberattacks are aimed at small businesses, only 37% of small business owners reported believing they are at risk to fall victim to a cyberattack.
October is National Cybersecurity Awareness Month (NCSAM), which is a collaborative effort between the Cybersecurity and Infrastructure Security Agency (CISA) and its public and private partners — including the National Cyber Security Alliance — to ensure every American has the resources they need to stay safe and secure online.
ESET researchers have analyzed a new version of Android spyware used by APT-C-23, a threat group active since at least 2017 that is known for mainly targeting the Middle East. The new spyware, detected by ESET security products as Android/SpyC23.A, builds upon previously reported versions with extended espionage functionality, new stealth features and updated C&C communication.
The Information Security Forum (ISF) has published Becoming a Next Generation CISO, the organizations latest digest which sets out the range of disciplines a next-generation Chief Information Security Officer (CISO) can be expected to master.
A new report from email security company Tessian reveals that 75% of IT decision makers believe the future of work will be remote or “hybrid” - where employees choose to split their time between working in the office and anywhere else they’d like. As businesses try to deliver a seamless hybrid experience, Tessian’s Securing the Future of Hybrid Working report reveals the security risks they must overcome and the pressures on IT teams.
The Cybersecurity and Infrastructure Security Agency (CISA) has released the Telework Essentials Toolkit, a comprehensive resource of telework best practices.