March 14, 2018
Security teams remain challenged to identify cyber security threats in the cloud. In this white paper, our cloud security experts share methods for choosing the right monitoring solution to improve cloud visibility into your network and critical assets.
Stephanie Ewing, deltarisk.com, March 9, 2018
According to the 2018 Hiscox Cyber Readiness Report released in February, 58 percent of U.S. firms with more than 250 employees have cyber insurance but only 21 percent with fewer than 250 are covered. What’s even more interesting is that more than half of U.S. small businesses have no intention of investing in cyber insurance.The lack of complete buy-in is understandable. Although cyber insurance coverage can mitigate some of the monetary damages from data breaches, affected companies still incur large costs. For example, Equifax reported $275 million in costs from 2017 breach – insurance covered $75 million of those costs.
Dan Goodin, arstechnica.com, March 10, 2018
Researchers have discovered malware so stealthy it remained hidden for six years despite infecting at least 100 computers worldwide. Slingshot—which gets its name from text found inside some of the recovered malware samples—is among the most advanced attack platforms ever discovered, which means it was likely developed on behalf of a well-resourced country, researchers with Moscow-based Kaspersky Lab reported Friday.
Doug Drinkwater, csoonline.com, March 9, 2018
Chief information security officers (CISOs) are highly sought after, to the point where good ones are expensive and hard to come by. So this is a challenge when more and more organizations, reeling in the wake of CISO-less breaches like Target and the UK’s TalkTalk, recognize the value in having one in place. Could an on-demand virtual CISO (vCISO) be the answer to your prayers? A vCISO is an outsourced security practitioner or provider who offers their time and insight to an organization on an ongoing basis, usually part-time and remotely.
Marianne Kolbasuk McGee, govinfosecurity.com, March 9, 2018
What’s on the minds of healthcare CISOs these days when it comes to cybersecurity challenges and initiatives? I got the chance to pick the brains of quite a few security leaders during the HIMSS18 conference in Las Vegas while attending a variety of sessions, conducting sit-down interviews and networking.
Tech Target Staff, searchhealthit.techtarget.com, March 8, 2018
Healthcare cybersecurity can be likened to those old movie westerns pitting the good guys against the bad guys. Back then, however, it was easy to distinguish the white hats from the black hats. Not so in today’s complex, sinister world of computer hacking, malware, ransomware and botnets, where the black hats stealthily maneuver through the shadows of a cyberspace that has often been compared to the wild wild west. In some respects, healthcare systems have shown definite signs of improvement in preventing certain types of cybercrimes.
Allan Liska, recordedfuture.com, March 6, 2018
Last year, I published my predictions for ransomware trends, some of which turned out to be correct — others, not so much. For example, ransomware becoming part of a number of different attack groups’ toolsets and the continued growth of fileless malware were accurate predictions. On the other hand, predicting a rise in ransomware designed to publicly shame victims as well as ransomware declining because of law enforcement actions were incorrect. While ransomware is on the decline, that is more because organizations and security vendors have gotten better at stopping it earlier in the attack chain process.
Lily Hay Newman, wired.com, March 12, 2018
Distributed denial of service attacks, in which hackers use a targeted hose of junk traffic to overwhelm a service or take a server offline, have been a digital menace for decades. But in just the last 18 months, the public picture of DDoS defense has evolved rapidly. In fall 2016, a rash of then-unprecedented attacks caused internet outages and other service disruptions at a series of internet infrastructure and telecom companies around the world.
Warwick Ashford, csoonline.com, March 2, 2018
Only half of ransomware victims who pay ransoms to cyber criminals recover their data, a report reveals, pointing to a need for more effective strategies to deal with these attacks. Organisations should focus on ransomware detection and prevention rather than holding contingency funds to pay off attackers, say security experts. The futility of relying on ransom payment is underlined by the latest cyber threat report by research and marketing firm Cyber Edge Group, which shows that half of organisations that pay ransoms never get their data back, while the other half acknowledged complete data loss.
Gabe Carey, techradar.com, March 9, 2018
Knowledge is power, but it’s also expensive. In a day and age where it’s essentially required that everyone have a college education, you have to be able to either afford the experience or the coursework. Of course, time is money and if you have any to spare, it’s oftentimes just as valuable to certain course administrators. A quick Google search will tell you that there are thousands of cybersecurity classes that you can take online for free.